Touché par PS guard

Résolu
gordon -  
 Utilisateur anonyme -
Bonjour,
J'ai été touché par PS guard ,j'ai utilisé hijackthis et j'ai fixé quelques lignes mais les R1 restent incorrectes (mauvaise page d'accueil).
voici le rapport :
Logfile of HijackThis v1.99.1
Scan saved at 21:12:17, on 27/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\PROGRA~1\AGNITUM\OUTPOS~1.0\outpost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\WANADOO\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\WANADOO\TaskbarIcon.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\intell32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Standard\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/space.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/space.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {93BFCEC0-415D-4024-9576-7CE5111F0B58} - C:\WINDOWS\system32\dcgp.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\system32\intell32.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Tip For Click - {DCC55D41-107F-11d4-8647-00A0CC5BDEA8} - C:\WINDOWS\SYSTEM32\TIP4CL~1.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O16 - DPF: Tip4Click - http://www.tipforclick.com/units/tip4click.cab
O16 - DPF: Win32 Classes -
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://images.goa.com/it/Woo2/fr/20031030/Downloads/npwwg.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://wanadoo.metaboli.fr/components/ExentCtl.ocx
O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/pc/resources/activex/Ephoto.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game16.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game16.zylom.servicesalacarte.wanadoo.fr/activex/zylomloader.cab
O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} (Loader Class) - http://dialup.carpediem.fr/CABS/1,0,3,8/fr/AccesMembre.cab
O16 - DPF: {DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C} (NSUpdateLiteCtrl Class) - http://204.177.92.201/quickdl/proclaim/NSupd9x.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E3CA77B-A5BC-443A-9C81-A43DB4DDB414}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {249378E2-0BE7-4976-9A35-111365EA7227} - C:\WINDOWS\system32\dcgp.dll
O18 - Filter: text/plain - {249378E2-0BE7-4976-9A35-111365EA7227} - C:\WINDOWS\system32\dcgp.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\AGNITUM\OUTPOS~1.0\outpost.exe

j'attends vos réponses et vos solutions pour supprimer PS guard de l'ordi(entendu parlé de ad-aware et ewido....que faire?)
Merci encore

9 réponses

  1. gordon
     
    voila c fait..voici le rapport...deja merci!

    SmitFraudFix v1.81

    Rapport fait à 21:42:40,91 le 27/08/2005
    Executé à partir de C:\Documents and Settings\Standard\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600]

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS

    C:\WINDOWS\uninstIU.exe PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32

    C:\WINDOWS\system32\intell32.exe PRESENT !
    C:\WINDOWS\system32\oleext.dll PRESENT !
    C:\WINDOWS\system32\wppp.html PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32\LogFiles

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\Standard\Application Data

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche fichiers créés le 27/08/2005
    !!! Attention, les fichiers qui suivent ne sont pas forcément infectés !!!

    C:\pagefile.sys
    C:\WINDOWS\QTW.INI
    C:\WINDOWS\SIERRA.INI
    C:\WINDOWS\bootstat.dat
    C:\WINDOWS\0.log
    C:\WINDOWS\WindowsUpdate.log
    C:\WINDOWS\SchedLog.Txt
    C:\WINDOWS\uninstIU.exe
    C:\WINDOWS\wiaservc.log
    C:\WINDOWS\wiadebug.log
    C:\WINDOWS\system32\wpa.dbl
    C:\WINDOWS\system32\dcgp.dll
    C:\WINDOWS\system32\intell32.exe
    C:\WINDOWS\system32\wppp.html

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de la clé HKLM\SOFTWARE\SHUDDERLTD

    HKLM\SOFTWARE\SHUDDERLTD Présent !

    C:\WINDOWS\system32\wininet.dll infecté !

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche wininet.dll de remplacement

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 39EA-DF6D

    R‚pertoire de C:\WINDOWS\SYSTEM32

    19/08/2004 16:09 660ÿ480 wininet.dll
    1 fichier(s) 660ÿ480 octets

    R‚pertoire de C:\WINDOWS\$NtServicePackUninstall$

    28/08/2001 12:00 598ÿ016 wininet.dll
    1 fichier(s) 598ÿ016 octets

    R‚pertoire de C:\WINDOWS\ServicePackFiles\i386

    19/08/2004 16:09 660ÿ480 wininet.dll
    1 fichier(s) 660ÿ480 octets

    »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
    0
  2. Utilisateur anonyme
     
    salut

    Redémarre en mode sans échec
    Redemarre le pc, laisse passer l'écran du bios, puis tapote sur la touche F8 avant qu'apparaisse l'écran de chargement de windows.
    Choisis le mode sans échec dans les options et valide avec entrée.

    Rend visible les fichiers cachés et systeme
    panneau de configuration > options des dossiers > onglet affichage
    Cocher la case devant " afficher les fichiers et dossiers cachés "
    Décocher la case devant " masquer les extentions des fichiers dont le type est connu"
    Décocher la case devant " masquer les fichiers protégés du système"
    clic sur [Appliquer] puis sur [ok] pour valider

    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

    Lance hijackthis et clic sur [do a system scan only]
    cocher la case au début des lignes suivantes:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/space.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/space.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

    O2 - BHO: (no name) - {93BFCEC0-415D-4024-9576-7CE5111F0B58} - C:\WINDOWS\system32\dcgp.dll
    O9 - Extra button: Tip For Click - {DCC55D41-107F-11d4-8647-00A0CC5BDEA8} - C:\WINDOWS\SYSTEM32\TIP4CL~1.DLL
    O16 - DPF: Tip4Click - http://www.tipforclick.com/units/tip4click.cab
    O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} (Loader Class) - http://dialup.carpediem.fr/CABS/1,0,3,8/fr/AccesMembre.cab
    O16 - DPF: {DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C} (NSUpdateLiteCtrl Class) - http://204.177.92.201/quickdl/proclaim/NSupd9x.cab
    O18 - Filter: text/html - {249378E2-0BE7-4976-9A35-111365EA7227} - C:\WINDOWS\system32\dcgp.dll
    O18 - Filter: text/plain - {249378E2-0BE7-4976-9A35-111365EA7227} - C:\WINDOWS\system32\dcgp.dll

    valider en cliquant sur [fix checked]

    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

    Recherche et supprime:

    C:\WINDOWS\SYSTEM32\tip4click.dll
    C:\WINDOWS\system32\dcgp.dll

    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

    Ensuite, tres important:

    :: Supprimer les fichiers temporaires ::

    * C:\Documents and Settings\ton compte\Local Settings\Temp
    * C:\Windows\Temp

    vider tout le contenu de ces dossiers.

    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

    lance smitfraudfix et choisis l'option 2, et repond oui à tout

    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

    redemarre normallement, reposte un hijack + le rapport de smitfraudfix

    a+
    0
  3. gordon
     
    je crois que le cauchemar est terminé!
    De nouveau le bon fond d'écran et plus le petit panneau rouge
    voici les rapports:

    Logfile of HijackThis v1.99.1
    Scan saved at 22:29:42, on 27/08/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\PROGRA~1\AGNITUM\OUTPOS~1.0\outpost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\WINDOWS\Mixer.exe
    C:\PROGRA~1\WANADOO\CnxMon.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\PROGRA~1\WANADOO\TaskbarIcon.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\WINDOWS\system32\LVComS.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Standard\Bureau\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
    O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
    O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
    O16 - DPF: Win32 Classes -
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://images.goa.com/it/Woo2/fr/20031030/Downloads/npwwg.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://wanadoo.metaboli.fr/components/ExentCtl.ocx
    O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/pc/resources/activex/Ephoto.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game16.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
    O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game16.zylom.servicesalacarte.wanadoo.fr/activex/zylomloader.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3E3CA77B-A5BC-443A-9C81-A43DB4DDB414}: NameServer = 80.10.246.130 80.10.246.3
    O18 - Protocol: bw+0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {5701D10E-ADD3-4284-88F4-EA5A65CEF41D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\AGNITUM\OUTPOS~1.0\outpost.exe

    et le deuxieme:

    SmitFraudFix v1.81

    Rapport fait à 22:32:32,84 le 27/08/2005
    Executé à partir de C:\Documents and Settings\Standard\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600]

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32

    C:\WINDOWS\system32\wppp.html PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32\LogFiles

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\Standard\Application Data

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de la clé HKLM\SOFTWARE\SHUDDERLTD

    HKLM\SOFTWARE\SHUDDERLTD non trouvé.

    »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport

    MERCI BEAUCOUP, BEAUCOUP, BEAUCOUP!!!!

    *** faut t'il supprimer tous les dossirs s'apparentant à PS guard??***
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. Utilisateur anonyme
     
    salut

    oui, tu peux supprimer toute les icones, raccourcis, favoris etc.. qui appartiennent à psguard

    supprime aussi:
    C:\WINDOWS\system32\wppp.html

    a+
    0
  6. gordon
     
    j'ai juste oublié un petit détail....pas de fichier dll dcgp ds system32....j'espère que ce n'est pas un probléme pour le bon fonctionnement de l'ordinateur.
    Merci encore!
    0
  7. Utilisateur anonyme
     
    tu as rendu visible les fichiers systemes aussi, avant de le rechercher ?
    0
  8. gordon
     
    j'ai pu supprimer wppp.html mais toujours pas trouvé dcgp.dll ds system 32....j'ai bien vérifié que les files system sont visibles....mais l'essentiel c qu'il n'y a plus de pb!

    Merci enkor mille fois!!!!
    0