Sujet Précédent Sujet Suivant

Zlob dns changer

Fermé
José - 2 juin 2009 à 09:34
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 - 2 juin 2009 à 11:33
Bonjour,

depuis environ 2 semaines, j'ai des coupures de connexion internet assez souvent( ça semble assez stable pr le moment).J'avais effectué un scan avec spybot et il m'avait détecté zlob dsn changer que j'ai pu effacé après le scan mais les coupures sont toujours là. Quand je refais un scan avec spybot, il ne me détecte plus rien.Qqb pourrait-il m'aider car cela devient insupportable quand je joue à un jeu.
merci d'avance

José

J'ai fait un scan avec hijack si vous en avez besoin pr aller plus vite:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:33:10, on 2/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Ahead\InCD\InCDsrv.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
E:\WINDOWS\system32\WgaTray.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Analog Devices\SoundMAX\Smax4.exe
E:\WINDOWS\System32\winsys2.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
E:\Program Files\Ahead\InCD\InCD.exe
E:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\Real\RealPlayer\RealPlay.exe
E:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
E:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\pspvideo9\pspvideo9.exe
E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
E:\Program Files\Analog Devices\Core\smax4pnp.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\jeux\steam.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\DNA\btdna.exe
E:\DOCUME~1\GARCIA~1\LOCALS~1\Temp\bwgo00013301.exe
E:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
E:\Program Files\Logitech\ImageStudio\LowLight.exe
E:\Program Files\Logitech\SetPoint\SetPoint.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
E:\Program Files\MSN Messenger\livecall.exe
E:\Program Files\MSN Messenger\usnsvc.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
E:\Documents and Settings\Garcia José Manuel\Bureau\programmes divers\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lesoir.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - E:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - E:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Afficher Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - E:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - E:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SoundMAX] "E:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SW20] E:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] E:\WINDOWS\System32\sw24.exe
O4 - HKLM\..\Run: [WinSys2] E:\WINDOWS\System32\winsys2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] E:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "E:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "E:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "E:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "E:\Program Files\Fichiers communs\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "E:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RealTray] E:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LVCOMS] E:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] E:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] E:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [PSPVideo9] C:\pspvideo9\pspvideo9.exe -t
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] E:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\jeux\steam.exe" -silent
O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "E:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [uauao] "e:\documents and settings\garcia josé manuel\local settings\application data\uauao.exe" uauao
O4 - HKCU\..\Run: [swg] E:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [VeohPlugin] "E:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKLM\..\Policies\Explorer\Run: [] 
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] E:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] E:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = E:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - E:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Chess - http://download2.games.yahoo.com/games/clients/y/ct5_x.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ControlInstaller Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_1_2_1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{77394C17-42AC-41F0-8C00-F6E87B6D6ED0}: NameServer = 85.255.112.159
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bw+0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1E31F5DE-DE3E-4594-ADB1-CC4AB07F37C5} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - E:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Software Updater (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - E:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - E:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - E:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - E:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
A voir également:

3 réponses

Réponse 1 / 3
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
2 juin 2009 à 09:44
Salut,


plusieur infctions ... ^^



commence par ceci dans l'ordre :


1- Important :
Désactive le "tea timer" de Spybot S&D en t'aidant de ce tuto animé (merci Balltrap ;) ) :
http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm
( sur la 1er image , clique sur "tea timer" pour lancer l'animation ).

En effet , il risque de géner dans le bon déroulement des outils de désinfections et dans la répartion du registre ...

Tu le réactiveras une fois qu'on aura finit de désinfecter ( et pas avant ! ) .
/!\ Mais attention :
à ce moment là, le " TeaTimer " de Spybot proposera, par le biais de plusieurs pop-up, d'accepter ou non des modifications de registre ( survenuent lors de la désinfection )
-> il faudra alors les accepter toutes sans exeptions !

Puis part la suite , il faudra rester vigilant lorsque le "TeaTimer" donnera des alertes : accepter une modification uniquement si on en connait la provenance .



Une fois ceci fait ( et pas avant ! ) , tu enchaines .


================================


2- Télécharge WORT de pc-system.fr sur ton bureau :
> http://pc-system.fr/

*Crée ce dossier > C:\WORT
-> Va dans poste de travail / clique sur ton disque C / puis clique droit dans cette fenêtre et choisis "créer"> "nouveau dossier" > nomme le exactement ainsi WORT

! déconnecte toi , ferme toutes applications en cours (navigateur compris ) !

* Double clique sur WORT.exe pour lancer l'installation de l'outil .
* Ouvre le dossier WORT , clique sur WareOut_Removal_Tool.bat pour lancer l'outil et laisse toi guider ...

> Choisis l'option 1 et laisse travailler l'outil ...

Une fois terminé, poste le rapport obtenu .
Il sera enregistré dans C:\WORT\WORT_report.txt
( Il te sera proposé d'exécuter le fichier "WORTregfix.reg", accepte ! )

Poste également un nouveau rapport Hijackthis et attends la suite ...

0
Réponse 2 / 3
José
2 juin 2009 à 10:25
j'étais en train de faire ce que tu me demandais et puis tout d'un coup, je ne peux plus rentrer ds mes disques durs....
0
Réponse 3 / 3
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
2 juin 2009 à 11:33
re,


fais ceci alors :


Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

-> http://images.malwareremoval.com/random/RSIT.exe

! Ferme bien toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...


( Note : Si la dernière version de HijackThis n'est pas détectée sur ton PC, RSIT le téléchargera et te demandera d'accepter la licence.)


-> laisse faire le scan et ne touche pas au PC ...


Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante ... si tu essaies de poster les deux en même temps,
cela risque d'être trop long pour le forum ...
Et si "log.txt" seul, ne passe pas non plus , fais le en 2 fois ... merci ...

( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )



0

Discussions similaires

erreur : DSN PROBE finished no internet
antiboijoande -
Chica -

6 réponses
Mettre Facebook Messenger en français
bleumarine2009 -
lauredine61 -

1 réponse