Sujet Précédent Sujet Suivant

Anti-virus-gold

vivou -  
 Utilisateur anonyme -
Je suis infesté par un méchant warm : anti-virus-gold !!

Que faire ?

Ravantivirus, Norton, Sybot ne trouve rien !!
A voir également:

42 réponses

Réponse 1 / 42
d0ne Messages postés 1019 Statut Membre 73
 
teste kaspersky personal http://www.kaspersky.com/fr/evaluation
0
Réponse 2 / 42
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
dune tu as des action chez eux
quand tu dit cela explique qu il ne faut pas mettre plusieurs anti virus actif en meme temp
0
Réponse 3 / 42
bernie61
 
salut à tous
Troj/Spyre-E crée les clefs à effacer :
HKLM\SOFTWARE\AntivirusGold
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run : Intel system tool
<System>\hookdump.exe
Effacer aussi le répertoire ProgramFiles/AntivirusGold et le fichiers Windows/system32/hookdump.exe
vider la poubelle
a+
0
Réponse 4 / 42
vivou
 
Excuse moi de mon ignorance, je comprends pas bien le début de ton messagz
Troj/Spyre-E crée les clefs à effacer :
HKLM\SOFTWARE\AntivirusGold
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run : Intel system tool
<System>\hookdump.exe

Merci pour ton aide
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 42
bernie61
 
resalut
tu ouvres la BDR avec Démarrer/exécuter et là tapper REGEDIT
puis voyager jusqu'à la clef en question et dans le panneau de droite effacer les noms indiqués ci dessus post3

ensuite faire Démarrer/rechercher et tapper le nom Antivirus Gold et effacer répertoire, puis chercher Hookdump et l'effacer aussi

un Hijackthis serait le bienvenu et sans doute plus complet (ou moins dangereux)
a+
0
Réponse 6 / 42
Chocoboule Messages postés 15 Statut Membre
 
slt tt le monde!
Moi j'ai le même pb que vous avec anti virus gold! Sauf que je n'arrive pas à trouver les clés dans les registres!!! elles sont introuvables!!! Je comprends pas trop! Si quelqun pouvez m'expliquer comment trouver les clés à effacer se serait vraiment simpas! J'ai beau faire pleins de recherches, ça ne trouve rien!
Merci d'avance! a+
0
Réponse 7 / 42
Utilisateur anonyme
 
salut

telecharge hijackthis:
http://www.merijn.org/files/hijackthis.zip
Dezippe le dans un dossier prévu a cet effet.
Par exemple C:\hijack
et surtout pas dans un dossier temporaire (temp)
lance le puis:
clic sur "do a system scan and save logfile" et pas autre chose
Le bloc note va s'ouvrir, copie tout le contenu et colle le ici a la suite de ton message.
Si tu as du mal, regarde ceci:
http://pageperso.aol.fr/balltrap34/demohijack.htm

a+
0
Réponse 8 / 42
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
moe si tu peut fait lui rechercher les fichiers meme date intel
0
Réponse 9 / 42
Utilisateur anonyme
 
ca roule, mais s'il repond avant que j'arrete lol
0
Réponse 10 / 42
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
vi
0
Réponse 11 / 42
Chocoboule Messages postés 15 Statut Membre
 
bijour tt le monde alors j'ai fais tout ce que vous m'avez dit!
Voilà donc mon rapport " hijackthis":

Logfile of HijackThis v1.99.1
Scan saved at 13:08:27, on 23/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.exe
c:\windows\system32\fhswzh.exe
C:\Apps\ActivBoard\MMKeybd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Qdjett\Fvrtlu.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\WINDOWS\VM_STI.EXE
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\winDSL.exe
C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\RarSFX0\4.exe
C:\WINDOWS\lyaxugmb.exe
C:\WINDOWS\system32\msxct.exe
C:\program files\180searchassistant\sais.exe
C:\WINDOWS\system32\4d85gno3.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\WINDOWS\switpa.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\logon.exe
C:\WINDOWS\system32\sdbtf.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\winDSL.exe
C:\WINDOWS\system32\hookdump.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\dsuatm.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Fichiers communs\services.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Winamp\Winamp.exe
C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\Rar$EX00.890\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ieuzlgmarmlnc.uk/Lvkrswy4nesPn9brPURefaYAOK_hn9jEbTkS_dpTzGin9cMN2a259MyBnForhH5N.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vyzebwpbnudarmj.com/Lvkrswy4neukROsxzu/RKmc49CmC0HlhVckuNhYPHYg.jpg
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default.home/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DKQXEK] C:\WINDOWS\DKQXEK.exe
O4 - HKLM\..\Run: [CGMTDJQW] C:\WINDOWS\CGMTDJQW.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [WinMsgService] C:\WINDOWS\System32\System.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Binxf] C:\Program Files\Qdjett\Fvrtlu.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [owns blue bone bags] C:\Documents and Settings\All Users\Application Data\ooze burn owns blue\Tick Meal.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] winDSL.exe
O4 - HKLM\..\Run: [REGRUN] C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\RarSFX0\4.exe
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\eliteirl32.exe
O4 - HKLM\..\Run: [HELPER] C:\WINDOWS\system32\temp532.exe -N
O4 - HKLM\..\Run: [WinNite32] C:\WINDOWS\winsystem.exe
O4 - HKLM\..\Run: [FILE] C:\WINDOWS\abcdefg.exe
O4 - HKLM\..\Run: [NAVNet] "C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\ICD6.tmp\mparam.exe" /m
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [px9KT] C:\WINDOWS\lyaxugmb.exe
O4 - HKLM\..\Run: [msxct] msxct.exe
O4 - HKLM\..\Run: [sais] c:\program files\180searchassistant\sais.exe
O4 - HKLM\..\Run: [4d85gno3] C:\WINDOWS\system32\4d85gno3.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [AutoLoaderAproposClient] "C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\cxtpls_loader.exe" /PC=CP.IST /ForSupportedBrowsers /ShowLegalNote=nonbranded
O4 - HKLM\..\Run: [zuzat] C:\WINDOWS\zuzat.exe
O4 - HKLM\..\Run: [switp] C:\WINDOWS\switpa.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [6JwJivj] C:\WINDOWS\lyaxugmb.exe
O4 - HKLM\..\Run: [WinLogon] C:\WINDOWS\logon.exe
O4 - HKLM\..\Run: [3FFV38Q] sdbtf.exe
O4 - HKLM\..\Run: [wbmtjog] c:\windows\system32\fhswzh.exe r
O4 - HKLM\..\Run: [Gram test platform axis] C:\Documents and Settings\All Users\Application Data\Bike License Gram Test\AimFrag.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] winDSL.exe
O4 - HKCU\..\Run: [Face obj] C:\DOCUME~1\MAERBE~1\APPLIC~1\FLAPFO~1\bolt bike.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MessengerDiscovery] C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe
O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1041.dll,InstantAccess
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] winDSL.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Intel system tool] C:\WINDOWS\system32\hookdump.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000080.exe
O4 - HKCU\..\Run: [Iow9RUctT] dsuatm.exe
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [Steam] C:\valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Moniteur & Configuration.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Conversion CLIE - C:\Program Files\Sony\Image Converter\menu.htm
O8 - Extra context menu item: Conversion CLIÉ - C:\Program Files\Sony\Image Converter\menu.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
O16 - DPF: Interface Chat Voila - http://chat5.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_nos.exe
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int10.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1023_FR_XP.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/WebsiteAccess/ie/bridge-c1.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_FR_XP.cab
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} - http://www.20x2p.com/b98b0f2a/mparam.cab
O16 - DPF: {27DA08CF-FCDB-C812-102C-35416A233100} - http://sex.xxxhard.com/starnews.exe
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - http://akamai.downloadv3.com/binaries/IA/svcsysnet32_FR_XP.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_download.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab
O16 - DPF: {54C75FB0-6B8B-4278-BF7B-77036F15A69E} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1041_FR_XP.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20041101/qtinstall.info.apple.com/pthalo/fr/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a936.g.akamai.net/7/936/537/00000002/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/website.ocx
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/13536/CD/Diabloteen.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_FR_XP.cab
O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) - http://www.normal.video-party.com/class/webcam2.cab
O18 - Protocol: bw+0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe

Voilà j'attends vos réponses et vos explications dans les manips' à suivre par la suite!
Merci d'avance!a+
0
Réponse 12 / 42
Utilisateur anonyme
 
salut

eh ben !! c'est impressionant le nombre de saletées qui trainent sur ton pc

commence par faire ceci:
met à jour ton antivirus

telecharge, installe et met à jours ces antispywares:

* Spybot S&D:
http://spybot.safer-networking.de/fr/mirrors/index.html
l'aide:
http://www.zebulon.fr/articles/spybot_1.php
http://assiste.free.fr/p/internet_utilitaires/spybot_search_destroy.php#ssd_02

* Ad-aware:
http://www.lavasoftusa.com/french/support/download/
Le patch francais:
http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
l'aide:
http://www.tutopat.com/viewtopic.php?t=1191
une petite aide en video ici:
http://www.putfile.com/media.php?n=adawrevid&width=640
ou là:
http://pageperso.aol.fr/balltrap34/adawrevid.asf

- A² free:
lire ceci avant de le télécharger:
http://assiste.free.fr/p/internet_utilitaires/a2_free.php
http://www.emsisoft.net/fr/software/free/
http://www.regnow.com/softsell/visitor.cgi?affiliate=18312&action=site&vendor=10955&ref=http://download1.emsisoft.com/a2freesetup.exe

ensuite:

Déconnecte toi d'internet:
Ferme tout les programmes en cours
Vide le cache d'Internet Explorer et supprime les cookies:

* Panneau de configuration >> Options internet >> Onglet "Général"
- Clic sur [supprimer les cookies]
- Clic sur [Supprimer les fichiers] et coche la case "Supprimer tout le contenu hors connexion"
Valide avec ok

Redémarre en mode sans échec
Laisse passer l'écran du bios, puis tapote sur la touche F8 avant qu'apparaisse l'écran de chargement de windows.
Choisis le mode sans échec dans les options et valide avec entrée.

Rend visible les fichiers cachés et systeme
panneau de configuration > options des dossiers > onglet affichage
Cocher la case devant " afficher les fichiers et dossiers cachés "
Décocher la case devant " masquer les extentions des fichiers dont le type est connu
Décocher la case devant " masquer les fichiers protégés du système"
clic sur ok pour valider

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

passe ton av

puis scanne ton pc avec les progs que tu viens d'installer (un apres l'autre, pas tous en meme temps)
lance spybot
lance ad-aware
lance a²
et supprime tout ce qu'ils trouvent.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

redemarre le pc, et repasse une derniere fois spybot, ad-aware et a²

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

ensuite fais un scan av en ligne ici:
http://www.bitdefender.com/scan/licence.php
et ici:
http://www.pandasoftware.com/activescan/fr/activescan_principal.htm

poste les rapports d'analyse + un nouvel hijack

a+
0
Réponse 13 / 42
Chocoboule Messages postés 15 Statut Membre
 
ouahh vous êtes des vrais bêtes d'informatique!!! mdr
Bon bah je vais aller à mon rythme et faire tout ça!!
j'vous poste les résultats après!! merci encore et je me mets au boulot!!!:D

Blem: Je n'ai plus d'anti virus! Je suis vraiment fou je le sais alor je vais faire toutes les analyses mais pour ce qui est de l'antivirus je peux aps!

@tte à l'heure;)
0
Réponse 14 / 42
Chocoboule Messages postés 15 Statut Membre
 
Re tout le monde!!!
Alors j'ai effectué la plupart de vos ordres mes quelques pbs m'ont empêchés de les suivre à la lettre.

Voila le compte rendu:

***En mode sans echec***

--- Spybot: 279pbs--->tout regler sauf 5pbs restant pour le reboot.

---Ad Aware: 153pbs--->tout regler sauf 6pbs pour le reboot.

---a²: 144pbs--------> tout regler 0 restant

pas d'analyse antivirus, car je n'en ai point.

***Reboot mode normal***

---Spybot: reglage des 5pbs, tous les mouchards sont donc effacés.

---Ad Aware: reglage des 6 pbs, tout est normalement reglé.

***Demarage de l'ordinateur***

Helas, l'arriere plan Warning you're in danger est toujours présent....Mais bizarrement, la croix blanc sur fond rouge en bas à droite s'est enlevée....

Voici mon new hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 18:39:25, on 23/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.exe
c:\windows\system32\csqvnab.exe
C:\Apps\ActivBoard\MMKeybd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\svchost.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Fichiers communs\services.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\rsvp.exe
C:\Program Files\Winamp\Winamp.exe
C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\Rar$EX00.765\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.vpnoqorygfm.net/Lvkrswy4nesPn9brPURefaYAOK_hn9jEbTkS_dpTzGhzxKGCDRrXA8yBnForhH5N.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rgagbkkfkdoeygvadscyjocug.com/Lvkrswy4neukROsxzu/RKiYwHMDodQ/gVckuNhYPHYg.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: Shorty - {11A4CA8C-A8B9-49c2-A6D3-3F64C9EEBAE6} - C:\Program Files\DNS\Catcher.dll
O2 - BHO: (no name) - {746FEAED-2D2A-BB28-772D-1CF8BB5B3DBC} - C:\DOCUME~1\MAERBE~1\APPLIC~1\KEEPLI~1\List heart.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DKQXEK] C:\WINDOWS\DKQXEK.exe
O4 - HKLM\..\Run: [CGMTDJQW] C:\WINDOWS\CGMTDJQW.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [WinMsgService] C:\WINDOWS\System32\System.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Binxf] C:\Program Files\Qdjett\Fvrtlu.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [owns blue bone bags] C:\Documents and Settings\All Users\Application Data\ooze burn owns blue\Tick Meal.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] winDSL.exe
O4 - HKLM\..\Run: [REGRUN] C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\RarSFX0\4.exe
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\eliteirl32.exe
O4 - HKLM\..\Run: [HELPER] C:\WINDOWS\system32\temp532.exe -N
O4 - HKLM\..\Run: [WinNite32] C:\WINDOWS\winsystem.exe
O4 - HKLM\..\Run: [FILE] C:\WINDOWS\abcdefg.exe
O4 - HKLM\..\Run: [NAVNet] "C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\ICD6.tmp\mparam.exe" /m
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [4d85gno3] C:\WINDOWS\system32\4d85gno3.exe
O4 - HKLM\..\Run: [WinLogon] C:\WINDOWS\logon.exe
O4 - HKLM\..\Run: [3FFV38Q] sdbtf.exe
O4 - HKLM\..\Run: [sllkek] c:\windows\system32\csqvnab.exe r
O4 - HKLM\..\Run: [Gram test platform axis] C:\Documents and Settings\All Users\Application Data\Bike License Gram Test\more bash.exe
O4 - HKLM\..\Run: [delcab] C:\drivers\deltreew.exe C:\cabs
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] winDSL.exe
O4 - HKCU\..\Run: [Face obj] C:\DOCUME~1\MAERBE~1\APPLIC~1\FLAPFO~1\bolt bike.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MessengerDiscovery] C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe
O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1041.dll,InstantAccess
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] winDSL.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000080.exe
O4 - HKCU\..\Run: [Iow9RUctT] dsuatm.exe
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [Steam] C:\valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Moniteur & Configuration.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Conversion CLIE - C:\Program Files\Sony\Image Converter\menu.htm
O8 - Extra context menu item: Conversion CLIÉ - C:\Program Files\Sony\Image Converter\menu.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
O16 - DPF: Interface Chat Voila - http://chat5.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_nos.exe
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int10.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1023_FR_XP.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/WebsiteAccess/ie/bridge-c1.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_FR_XP.cab
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} - http://www.20x2p.com/b98b0f2a/mparam.cab
O16 - DPF: {27DA08CF-FCDB-C812-102C-35416A233100} - http://sex.xxxhard.com/starnews.exe
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - http://akamai.downloadv3.com/binaries/IA/svcsysnet32_FR_XP.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20041101/qtinstall.info.apple.com/pthalo/fr/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a936.g.akamai.net/7/936/537/00000002/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/13536/CD/Diabloteen.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_FR_XP.cab
O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) - http://www.normal.video-party.com/class/webcam2.cab
O18 - Protocol: bw+0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe

Je n'ai malheureusement pas pu faire les scan online car un message me disait que ma version internet explorer est trop vieille alors que c'est la derniere...Alors impossiblie de faire le moindre scan online....

En attendant vos prochains ordres pour rétablir mon PC...
merci déjà et d'avance
a+!
0
Réponse 15 / 42
Utilisateur anonyme
 
désolé, jai du m'absenter

telecharge smitfraudfix ici:
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
dezippe le et lance le.
choisis l'option 1 (rechercher)
fais un copier/coller du résultat ici

on verra le reste apres
0
Réponse 16 / 42
Chocoboule Messages postés 15 Statut Membre
 
slt moe!
lool t'as pas à t'escuser , vu déjà tout ce que tu fais pour moi vraiment c'est énorme...

alors voila le rapport de smitfraudfix:

SmitFraudFix v1.1

Rapport fait à 20:18:51,48 le 23/07/2005
Executé à partir de C:\Documents and Settings\Ma‹er Benjamin\Mes documents\Logiciels Tel
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS

C:\WINDOWS\screen.html PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\Ma‹er Benjamin\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport

a+
0
Réponse 17 / 42
Utilisateur anonyme
 
ok

relance le et choisis l'option 2 et repond oui à tout

ensuite vérifie ceci:

Démarrer > panneau de configuration > affichage
clic sur l'onglet bureau
clic sur personnalisation du bureau
clic sur l'onglet Web
supprime tout ce qui se trouve ici, sauf "Ma page d'acceuil" qui doit rester DECOCHE
une fois fait, ca doit etre comme sur cette image:
http://get.yourfile.net/ie52977.gif

remet un fond d'écran

Maintenant il reste le plus gros du nettoyage à faire car tu as beaucoup de spy, trojans et vers dans ton pc.
On aura besoin de quelques progs pour ca.

Fais dejà ceci et ensuite reposte un hijack

a+
0
Réponse 18 / 42
Chocoboule Messages postés 15 Statut Membre
 
Hey
alors j'ai tout fais et je n'ai plus de warning mais je n'arrive plus à remettre de fond d'écran...Mon fond d'écran reste gris bleu...Comment pouvoir remettre un fond d'écran?

voici mon new hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 21:35:51, on 23/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.exe
c:\windows\system32\csqvnab.exe
C:\Apps\ActivBoard\MMKeybd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\svchost.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Fichiers communs\services.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Winamp\Winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\Rar$EX00.735\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.aduyfhidrbmhzft.com/Lvkrswy4nesPn9brPURefaYAOK_hn9jEbTkS_dpTzGiMcjtoAcC1GMyBnForhH5N.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rgagbkkfkdoeygvadscyjocug.com/Lvkrswy4neukROsxzu/RKiYwHMDodQ/gVckuNhYPHYg.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: Shorty - {11A4CA8C-A8B9-49c2-A6D3-3F64C9EEBAE6} - C:\Program Files\DNS\Catcher.dll
O2 - BHO: (no name) - {746FEAED-2D2A-BB28-772D-1CF8BB5B3DBC} - C:\DOCUME~1\MAERBE~1\APPLIC~1\KEEPLI~1\List heart.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DKQXEK] C:\WINDOWS\DKQXEK.exe
O4 - HKLM\..\Run: [CGMTDJQW] C:\WINDOWS\CGMTDJQW.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [WinMsgService] C:\WINDOWS\System32\System.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Binxf] C:\Program Files\Qdjett\Fvrtlu.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [owns blue bone bags] C:\Documents and Settings\All Users\Application Data\ooze burn owns blue\Tick Meal.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] winDSL.exe
O4 - HKLM\..\Run: [REGRUN] C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\RarSFX0\4.exe
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\eliteirl32.exe
O4 - HKLM\..\Run: [HELPER] C:\WINDOWS\system32\temp532.exe -N
O4 - HKLM\..\Run: [WinNite32] C:\WINDOWS\winsystem.exe
O4 - HKLM\..\Run: [FILE] C:\WINDOWS\abcdefg.exe
O4 - HKLM\..\Run: [NAVNet] "C:\DOCUME~1\MAERBE~1\LOCALS~1\Temp\ICD6.tmp\mparam.exe" /m
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [4d85gno3] C:\WINDOWS\system32\4d85gno3.exe
O4 - HKLM\..\Run: [WinLogon] C:\WINDOWS\logon.exe
O4 - HKLM\..\Run: [3FFV38Q] sdbtf.exe
O4 - HKLM\..\Run: [sllkek] c:\windows\system32\csqvnab.exe r
O4 - HKLM\..\Run: [Gram test platform axis] C:\Documents and Settings\All Users\Application Data\Bike License Gram Test\more bash.exe
O4 - HKLM\..\Run: [delcab] C:\drivers\deltreew.exe C:\cabs
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] winDSL.exe
O4 - HKCU\..\Run: [Face obj] C:\DOCUME~1\MAERBE~1\APPLIC~1\FLAPFO~1\bolt bike.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MessengerDiscovery] C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe
O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1041.dll,InstantAccess
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] winDSL.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000080.exe
O4 - HKCU\..\Run: [Iow9RUctT] dsuatm.exe
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [Steam] C:\valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Moniteur & Configuration.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Conversion CLIE - C:\Program Files\Sony\Image Converter\menu.htm
O8 - Extra context menu item: Conversion CLIÉ - C:\Program Files\Sony\Image Converter\menu.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
O16 - DPF: Interface Chat Voila - http://chat5.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_nos.exe
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int10.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1023_FR_XP.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/WebsiteAccess/ie/bridge-c1.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_FR_XP.cab
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} - http://www.20x2p.com/b98b0f2a/mparam.cab
O16 - DPF: {27DA08CF-FCDB-C812-102C-35416A233100} - http://sex.xxxhard.com/starnews.exe
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - http://akamai.downloadv3.com/binaries/IA/svcsysnet32_FR_XP.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20041101/qtinstall.info.apple.com/pthalo/fr/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a936.g.akamai.net/7/936/537/00000002/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/13536/CD/Diabloteen.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_FR_XP.cab
O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) - http://www.normal.video-party.com/class/webcam2.cab
O18 - Protocol: bw+0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B8B621AC-84DA-4F02-9E2E-76ACB6768669} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe

a+ pour,les news logs!
0
Réponse 19 / 42
Utilisateur anonyme
 
tu as fais ceci:
Démarrer > panneau de configuration > affichage
clic sur l'onglet bureau
clic sur personnalisation du bureau
clic sur l'onglet Web
supprime tout ce qui se trouve ici, sauf "Ma page d'acceuil" qui doit rester DECOCHE
valide
une fois fait, ca doit etre comme sur cette image:
http://get.yourfile.net/ie52977.gif

ensuite fais un clic droit sur une image et clic sur "definir en tant que papier peint de bureau"
0
Réponse 20 / 42
Chocoboule Messages postés 15 Statut Membre
 
nikellllllll
Rah chu tro content!!!
plus de warning et plus de croix !!!
Reste lpus que les logs à tel pour tout laver!!!
Merci beaucoup déjà C'est trotrotroo simpas!!!

Alors je dois tel quoi maitre?:p
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Mac comment taper l'inverse d'un slash (/) ?
caldu -
@Adriendu10_MC sur Twitter -

12 réponses
Le Backslash
ClownClone -
baladur13 -

12 réponses
Comment taper le anti slash?
Flagadatof -
SANG -

26 réponses