estoy probando hijackthis

Question

Hola

En mi computer hay un virus y no se cual es que estoy tratando de eliminar con hijackthis espero en este forum me ayuden.

gracias.

Bonjour

Dans mon computer est apparu un virus mais je ne sais pas lequel, j'espere que quelqun puisse m'aider, mercie.

ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:55:24, on 14.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Java\jre1.5.0\bin\jucheck.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Click to DVD 2\ctdatsvr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=ch&toHttps=1&redig=559532B7E5614DF8AED400BC9AC5E642
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=ch&toHttps=1&redig=559532B7E5614DF8AED400BC9AC5E642
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Claudia\mmx.exe \s
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe"  /Stationary
O4 - HKLM\..\Run: [VMConsole.exe] C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe /windowmin
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Avast Management] Avast Management
O4 - HKLM\..\Run: [AntiVir Guard Service] avgrdr.exe
O4 - HKLM\..\Run: [Avast Service] ashrv.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Programme de démarrage du Mode automatique Click to DVD.lnk = C:\Program Files\Sony\Click to DVD 2\ctdatsvr.exe
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Google Updater.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Quick Help.lnk = C:\Program Files\Bluewin\Quick Help\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin
pjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin
pjpi150.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

gen-hackman · Answer

bonsoir c'est possible de parler francais ou pas ?

gen-hackman · Answer

réouvre hijackthis 
fais scan only 
coches ces lignes sur leur gauche: 

R3 - Default URLSearchHook is missing 
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Claudia\mmx.exe \s 
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file) 
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" 
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing) 
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing) 
O18 - Protocol: bw+0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw+0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw-0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw-0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw00 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw00s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw10 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw10s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw20 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw20s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw30 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw30s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw40 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw40s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw50 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw50s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw60 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw60s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw70 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw70s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw80 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw80s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw90 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw90s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwa0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwa0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwb0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwb0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwc0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwc0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwd0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwd0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwe0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwe0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwf0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwf0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll 
O18 - Protocol: bwg0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwg0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwh0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwh0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwi0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwi0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwj0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwj0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwk0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwk0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwl0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwl0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwm0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwm0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwn0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwn0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwo0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwo0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwp0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwp0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwq0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwq0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwr0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwr0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bws0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bws0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwt0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwt0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwu0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwu0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwv0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwv0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bww0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bww0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwx0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwx0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwy0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwy0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwz0 - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwz0s - {2C329AFC-2D48-4D08-A309-0752CCDE753E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) 
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) 
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe 
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe 

tu les coches et tu clic sur "fix checked"

et tu fermes le programme.

coco1528 · Answer

est tu sure?
Je doit eliminer ces programes?

gen-hackman · Answer

oui tu les coches sur leur gauches et "Fix checked"

gen-hackman · Answer

ensuite tu feras ceci :

télécharge GenProc http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip sur ton bureau 
Pour Vista : Désactive l'UAC jusqu'à la résolution du problème http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/desactiver-controle-utilisateurs-sujet_198996_1.htm 
dézippe le dossier, double-clique sur GenProc.bat (le .bat peut ne pas apparaitre)

et poste le contenu du rapport qui s'ouvre

gen-hackman · Answer

ok fais ce qu il t'indique pas-à-pas :)

coco1528 · Answer

Salut Gen hackman je poste ici cet que a sorti dans http://siri.urz.free.fr/Fix/SmitfraudFix.exe. Voila le rapport:


Executé à partir de C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre1.5.0\bin\jucheck.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Click to DVD 2\ctdatsvr.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Mozilla Firefox\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Claudia


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Claudia\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Claudia\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/Wireless 2200BG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{69E80110-8E8B-4D89-9669-7A37FADC55F4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{69E80110-8E8B-4D89-9669-7A37FADC55F4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{69E80110-8E8B-4D89-9669-7A37FADC55F4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{69E80110-8E8B-4D89-9669-7A37FADC55F4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

gen-hackman · Answer

Laisse tomber la suite :

Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau. 

! Déconnecte toi et ferme toutes tes applications en cours ! 

Double-clique sur " RSIT.exe " pour le lancer . 

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " . 

* Devant l'option "List files/folders created ..." , tu choisis : 2 months 

* clique ensuite sur " Continue " pour lancer l'analyse ... 


-> laisse faire le scan et ne touche pas au PC ... 


Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note). 

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ... 

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum 


( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )

gen-hackman · Answer

tu télécharge Lop S&D.exe sur ton Bureau.

LOP S&D

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)

coco1528 · Answer

Salut gen-hackman, j'ai fait tout ce que tu m'as dit voila le rapport LopSD:

  --------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free :         Intel(R) Pentium(R) M processor 1.60GHz )
   BIOS : Phoenix NoteBIOS 4.0 Release 6.0     
   USER : Claudia ( Administrator )
   BOOT : Normal boot
   Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
   C:\ (Local Disk) - NTFS - Total:27 Go (Free:0 Go)
   D:\ (Local Disk) - NTFS - Total:20 Go (Free:20 Go)
   E:\ (USB)
   F:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( 15.03.2009|21:47 )
 
   --------------------\  Listing des dossiers dans APPLIC~1

   [02.09.2008|08:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [28.12.2007|03:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [28.12.2007|03:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [17.06.2008|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
   [17.06.2008|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [15.03.2009|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
   [19.11.2004|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
   [04.01.2008|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [23.02.2007|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [22.12.2005|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
   [22.11.2004|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [01.07.2008|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [13.04.2008|00:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
   [16.02.2009|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [17.06.2008|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [25.04.2007|08:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [19.12.2005|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VAIO Media Platform
   [28.06.2006|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [03.09.2006|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [19.12.2006|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!

   [21.04.2008|09:46] C:\DOCUME~1\Claudia\APPLIC~1\Adobe
   [25.04.2006|09:40] C:\DOCUME~1\Claudia\APPLIC~1\AdobeUM
   [19.06.2008|14:06] C:\DOCUME~1\Claudia\APPLIC~1\Chicken Chase
   [31.03.2006|21:49] C:\DOCUME~1\Claudia\APPLIC~1\DownloadManager
   [05.10.2007|19:02] C:\DOCUME~1\Claudia\APPLIC~1\Google
   [23.03.2006|18:52] C:\DOCUME~1\Claudia\APPLIC~1\Help
   [19.11.2004|11:22] C:\DOCUME~1\Claudia\APPLIC~1\Identities
   [23.12.2005|17:55] C:\DOCUME~1\Claudia\APPLIC~1\InterVideo
   [30.01.2006|17:55] C:\DOCUME~1\Claudia\APPLIC~1\Leadertech
   [04.01.2008|10:09] C:\DOCUME~1\Claudia\APPLIC~1\Logitech
   [16.01.2006|22:48] C:\DOCUME~1\Claudia\APPLIC~1\Macromedia
   [17.01.2009|18:48] C:\DOCUME~1\Claudia\APPLIC~1\Microsoft
   [08.08.2008|08:16] C:\DOCUME~1\Claudia\APPLIC~1\Motive
   [13.09.2008|12:03] C:\DOCUME~1\Claudia\APPLIC~1\Mozilla
   [14.03.2007|20:34] C:\DOCUME~1\Claudia\APPLIC~1\PC Tools
   [06.08.2008|09:45] C:\DOCUME~1\Claudia\APPLIC~1\Real
   [15.03.2009|21:18] C:\DOCUME~1\Claudia\APPLIC~1\Skype
   [01.03.2006|11:21] C:\DOCUME~1\Claudia\APPLIC~1\Skype(2)
   [15.03.2009|19:51] C:\DOCUME~1\Claudia\APPLIC~1\skypePM
   [28.05.2006|14:38] C:\DOCUME~1\Claudia\APPLIC~1\Sonic
   [18.09.2007|10:21] C:\DOCUME~1\Claudia\APPLIC~1\Sony Corporation
   [27.12.2005|16:02] C:\DOCUME~1\Claudia\APPLIC~1\Sun
   [06.12.2007|12:44] C:\DOCUME~1\Claudia\APPLIC~1\Symantec
   [17.01.2009|18:48] C:\DOCUME~1\Claudia\APPLIC~1\Template
   [12.05.2007|13:02] C:\DOCUME~1\Claudia\APPLIC~1\U3
   [25.09.2008|09:03] C:\DOCUME~1\Claudia\APPLIC~1\wsInspector

   [21.12.2006|11:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
   [16.01.2007|13:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [09.01.2007|02:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sony Corporation

   [19.11.2004|11:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [13.03.2009 23:31][--a------] C:\WINDOWS	asks\Norton Security Scan for Claudia.job
   [03.03.2009 15:43][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [15.03.2009 20:52][--ah-----] C:\WINDOWS	asks\SA.DAT
   [05.08.2004 13:00][-r-h-c---] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [13.04.2008|09:51] C:\Program Files\Adobe
   [19.11.2004|12:16] C:\Program Files\Apoint
   [28.12.2007|03:35] C:\Program Files\Apple Software Update
   [17.06.2008|18:20] C:\Program Files\Avira
   [17.06.2008|16:08] C:\Program Files\Bluewin
   [15.03.2009|15:51] C:\Program Files\CCleaner
   [22.12.2005|00:47] C:\Program Files\Common Files
   [19.11.2004|11:19] C:\Program Files\ComPlus Applications
   [19.11.2004|12:53] C:\Program Files\CONEXANT
   [25.04.2006|09:40] C:\Program Files\DownloadManager
   [01.07.2008|22:24] C:\Program Files\Fichiers communs
   [22.11.2004|11:04] C:\Program Files\FlashPlayer
   [02.09.2008|10:41] C:\Program Files\Freecom Network Storage Assistant
   [25.04.2006|09:40] C:\Program Files\fsupport
   [17.06.2008|15:53] C:\Program Files\Google
   [07.03.2009|21:38] C:\Program Files\InstallShield Installation Information
   [19.11.2004|12:46] C:\Program Files\Intel
   [12.02.2009|00:25] C:\Program Files\Internet Explorer
   [13.04.2008|10:17] C:\Program Files\InterVideo
   [31.10.2006|17:41] C:\Program Files\Java
   [08.07.2008|19:38] C:\Program Files\Loco
   [04.01.2008|09:50] C:\Program Files\Logitech
   [12.10.2008|21:02] C:\Program Files\McDonaldsFairies
   [16.08.2008|00:52] C:\Program Files\Messenger
   [11.05.2007|08:47] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [19.11.2004|11:22] C:\Program Files\microsoft frontpage
   [19.12.2005|18:11] C:\Program Files\Microsoft Office
   [19.12.2005|18:11] C:\Program Files\Microsoft Works
   [13.04.2008|00:24] C:\Program Files\MoodLogic
   [19.12.2005|17:58] C:\Program Files\Moodlogic HTML
   [22.12.2005|01:37] C:\Program Files\Motive
   [19.11.2004|11:20] C:\Program Files\Movie Maker
   [15.03.2009|21:18] C:\Program Files\Mozilla Firefox
   [19.11.2004|11:18] C:\Program Files\MSN
   [19.11.2004|11:18] C:\Program Files\MSN Gaming Zone
   [15.10.2007|12:27] C:\Program Files\MSN Messenger
   [14.11.2008|08:23] C:\Program Files\MSXML 4.0
   [22.12.2005|02:42] C:\Program Files\NetMeeting
   [17.06.2008|17:08] C:\Program Files\Norton 360
   [01.03.2006|11:17] C:\Program Files\Norton Internet Security(2)
   [01.03.2006|11:19] C:\Program Files\Norton Internet Security(3)
   [13.03.2009|15:00] C:\Program Files\Norton Security Scan
   [19.12.2006|11:20] C:\Program Files\Nouveau dossier
   [19.11.2004|11:18] C:\Program Files\Online Services
   [14.06.2007|07:56] C:\Program Files\Outlook Express
   [04.02.2009|08:51] C:\Program Files\Passware
   [04.10.2008|10:06] C:\Program Files\Picasa2
   [28.12.2007|03:44] C:\Program Files\QuickTime
   [19.12.2005|17:47] C:\Program Files\Raccourcis de programmes
   [24.09.2006|14:04] C:\Program Files\Real
   [19.11.2004|12:59] C:\Program Files\Realtek
   [18.06.2008|19:26] C:\Program Files\ReflexiveArcade
   [19.11.2004|11:20] C:\Program Files\Services en ligne
   [01.07.2008|22:24] C:\Program Files\Skype
   [13.04.2008|00:34] C:\Program Files\Sony
   [17.02.2009|07:24] C:\Program Files\Spybot - Search & Destroy
   [25.09.2008|09:06] C:\Program Files\Startup Inspector for Windows
   [17.06.2008|17:07] C:\Program Files\Symantec
   [14.03.2009|22:45] C:\Program Files\Trend Micro
   [19.11.2004|11:25] C:\Program Files\Uninstall Information
   [23.12.2007|21:39] C:\Program Files\Windows Live Toolbar
   [28.11.2007|21:57] C:\Program Files\Windows Media Connect 2
   [28.11.2007|21:57] C:\Program Files\Windows Media Player
   [19.11.2004|11:18] C:\Program Files\Windows NT
   [19.11.2004|11:20] C:\Program Files\WindowsUpdate
   [19.11.2004|11:22] C:\Program Files\xerox
   [22.11.2004|11:05] C:\Program Files\Yahoo HTML
   [19.12.2006|11:37] C:\Program Files\Yahoo!
   [22.11.2004|11:05] C:\Program Files\YahooMFU

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [07.03.2009|21:37] C:\Program Files\Fichiers communs\Adobe
   [22.11.2004|10:58] C:\Program Files\Fichiers communs\InstallShield
   [22.11.2004|10:55] C:\Program Files\Fichiers communs\Java
   [04.01.2008|09:44] C:\Program Files\Fichiers communs\Logitech
   [12.10.2008|21:11] C:\Program Files\Fichiers communs\Microsoft Shared
   [22.12.2005|00:53] C:\Program Files\Fichiers communs\Motive
   [19.11.2004|11:20] C:\Program Files\Fichiers communs\MSSoap
   [19.11.2004|12:14] C:\Program Files\Fichiers communs\ODBC
   [07.08.2007|15:55] C:\Program Files\Fichiers communs\Real
   [19.11.2004|11:20] C:\Program Files\Fichiers communs\Services
   [01.07.2008|22:24] C:\Program Files\Fichiers communs\Skype
   [19.12.2005|17:59] C:\Program Files\Fichiers communs\Sony Shared
   [19.11.2004|12:14] C:\Program Files\Fichiers communs\SpeechEngines
   [11.02.2009|16:57] C:\Program Files\Fichiers communs\Symantec Shared
   [14.06.2007|07:56] C:\Program Files\Fichiers communs\System
   [07.08.2007|15:56] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 61 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\Claudia\Cookies\claudia@advertising[1].txt
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-03-15 21:48:39
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 18
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:2756][D:204]-> C:\DOCUME~1\Claudia\LOCALS~1\Temp
   [F:356][D:0]-> C:\DOCUME~1\Claudia\Cookies
   [F:6889][D:56]-> C:\DOCUME~1\Claudia\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 15.03.2009|21:51 - Option : [1]

   --------------------\  Fin du rapport a 21:51:44

gen-hackman · Answer

double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option "Suppression - Hosts"
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)

gen-hackman · Answer

salut :


Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.



Télécharges :
Malwarebytes  ou  :
Malwarebytes

* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX

* Potasses le Tuto pour te familiariser avec le prg :


( cela dis, il est très simple d'utilisation ).

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

* Lance Malwarebyte's .

Fais un examen dit "Complet" .

--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

Estoy probando hijackthis

12 réponses

Votre réponse

Discussions similaires

Newsletters