Sujet Précédent Sujet Suivant

Analyse log hijackthis suite à nettoyage

ZedroS -  
 Utilisateur anonyme -
Bonjour

Je viens de faire un tour sur le pc parental, et bonjour la cata : antivir signale un troyen tous les 5 minutes (un certain TR/Dldr.Swizzor.CO), il y a une barre en plus dans IE (mais j'utilise Firefox là) et des icones toutes bizarres sont présentes sur le bureau, genre Find a date et compagnie.

J'ai fait un Adaware, un antivir est passé, j'ai supprimé plein de fichiers temporaires, spybot a été installé et lancé et j'ai passé HijackThis dessus comme j'ai vu que c'était conseillé sur le forum.

La zone bonne nouvelle : le troyen n'a plus l'air d'être présent.

Mon résultat est le suivant :

Logfile of HijackThis v1.99.1
Scan saved at 19:55:58, on 30/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\AVPersonal\AVSched32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\StarOffice6.0\program\soffice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AVPersonal\INETUPD.EXE
C:\Documents and Settings\Pachot\Bureau\hijackthis\HijackThis.exe
C:\Program Files\AVPersonal\Notifier.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.tvmjkookkprqnpx.com/t9qh341NzzYJXqpZSaCbU_Jwzrlmc_Zn0oQXvYnlda0U7uRzjFdH5qwufqsmu_El.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vrckxfxlmyiarttjzwmwefwi.com/t9qh341NzzasMo49WJLmDO5WFl/BdJmF9dEA6RuWEII.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 213.159.117.217 www.0190-dialer.com
O1 - Hosts: 213.159.117.217 www.22469.com
O1 - Hosts: 213.159.117.217 www.3wisp.com
O1 - Hosts: 213.159.117.217 www.adult-cinema.org
O1 - Hosts: 213.159.117.217 www.adultfreehosting.com
O1 - Hosts: 213.159.117.217 www.adulthosting.com
O1 - Hosts: 213.159.117.217 www.adultlinks1.com
O1 - Hosts: 213.159.117.217 www.adultmegamovies.com
O1 - Hosts: 213.159.117.217 www.adultsexmovie.net
O1 - Hosts: 213.159.117.217 www.adultwall.com
O1 - Hosts: 213.159.117.217 www.afro-sex.com
O1 - Hosts: 213.159.117.217 www.agreathost.net
O1 - Hosts: 213.159.117.217 www.alehina.com
O1 - Hosts: 213.159.117.217 www.allnichestgp.com
O1 - Hosts: 213.159.117.217 www.allowednet.com
O1 - Hosts: 213.159.117.217 www.amateurlips.com
O1 - Hosts: 213.159.117.217 www.amateurnudephoto.com
O1 - Hosts: 213.159.117.217 www.amateursgonebad.com
O1 - Hosts: 213.159.117.217 www.ambersamateurhardcore.com
O1 - Hosts: 213.159.117.217 www.anyamateur.com
O1 - Hosts: 213.159.117.217 www.apornhost.com
O1 - Hosts: 213.159.117.217 www.findmodels.com
O1 - Hosts: 213.159.117.217 www.asianscum.com
O1 - Hosts: 213.159.117.217 www.awethumbs.com
O1 - Hosts: 213.159.117.217 www.badassxxx.com
O1 - Hosts: 213.159.117.217 www.badbimbo.com
O1 - Hosts: 213.159.117.217 www.beautifulbondage.com
O1 - Hosts: 213.159.117.217 www.bestpornhost.com
O1 - Hosts: 213.159.117.217 www.biggestdickinporn.net
O1 - Hosts: 213.159.117.217 www1.3wisp.com
O1 - Hosts: 213.159.117.217 www1.kinghost.com
O1 - Hosts: 213.159.117.217 www1.ndhosting.com
O1 - Hosts: 213.159.117.217 www1.sexls.com
O1 - Hosts: 213.159.117.217 www1.toptgphost.com
O1 - Hosts: 213.159.117.217 www1.xfreehosting.com
O1 - Hosts: 213.159.117.217 www10.kinghost.com
O1 - Hosts: 213.159.117.217 www11.kinghost.com
O1 - Hosts: 213.159.117.217 www12.kinghost.com
O1 - Hosts: 213.159.117.217 www2.3wisp.com
O1 - Hosts: 213.159.117.217 www2.kinghost.com
O1 - Hosts: 213.159.117.217 www2.ndhosting.com
O1 - Hosts: 213.159.117.217 www2.toptgphost.com
O1 - Hosts: 213.159.117.217 www2.xfreehosting.com
O1 - Hosts: 213.159.117.217 www2.zpornstars.com
O1 - Hosts: 213.159.117.217 www3.kinghost.com
O1 - Hosts: 213.159.117.217 www3.ndhosting.com
O1 - Hosts: 213.159.117.217 www3.xfreehosting.com
O1 - Hosts: 213.159.117.217 www3.zpornstars.com
O1 - Hosts: 213.159.117.217 www30.smutserver.com
O1 - Hosts: 213.159.117.217 www31.smutserver.com
O1 - Hosts: 213.159.117.217 www32.smutserver.com
O1 - Hosts: 213.159.117.217 www4.kinghost.com
O1 - Hosts: 213.159.117.217 www4.xfreehosting.com
O1 - Hosts: 213.159.117.217 www4.zpornstars.com
O1 - Hosts: 213.159.117.217 www5.kinghost.com
O1 - Hosts: 213.159.117.217 www6.kinghost.com
O1 - Hosts: 213.159.117.217 www7.kinghost.com
O1 - Hosts: 213.159.117.217 www8.kinghost.com
O1 - Hosts: 213.159.117.217 www9.kinghost.com
O1 - Hosts: 213.159.117.217 www.bigmovies.com
O1 - Hosts: 213.159.117.217 www.bigpornvideos.com
O1 - Hosts: 213.159.117.217 www.big-xxx-movies.com
O1 - Hosts: 213.159.117.217 www.samplehosting.com
O1 - Hosts: 213.159.117.217 www.blinghosting.com
O1 - Hosts: 213.159.117.217 www.blitz-hosting.com
O1 - Hosts: 213.159.117.217 www.boyanxxx.com
O1 - Hosts: 213.159.117.217 www.bustyx.com
O1 - Hosts: 213.159.117.217 www.cleanadulthost.com
O1 - Hosts: 213.159.117.217 www.cleanpornhost.com
O1 - Hosts: 213.159.117.217 www.cyberxxxhost.com
O1 - Hosts: 213.159.117.217 www.dialcom.com
O1 - Hosts: 213.159.117.217 www.eldererotica.tv
O1 - Hosts: 213.159.117.217 www.ethniccash.com
O1 - Hosts: 213.159.117.217 www.exploitedblackteens.net
O1 - Hosts: 213.159.117.217 www.exscapeporn.com
O1 - Hosts: 213.159.117.217 www.fantasiegirl.com
O1 - Hosts: 213.159.117.217 www.fastmailer.info
O1 - Hosts: 213.159.117.217 www.filth-hostz.com
O1 - Hosts: 213.159.117.217 www.free-freeporn.com
O1 - Hosts: 213.159.117.217 www.free-xxx-server.com
O1 - Hosts: 213.159.117.217 www.freexxxvideoclip.com
O1 - Hosts: 213.159.117.217 www.fvotd.com
O1 - Hosts: 213.159.117.217 www.galaporn.com
O1 - Hosts: 213.159.117.217 www.18blowjobs.com
O1 - Hosts: 213.159.117.217 www.bigtitsroundasses.com
O1 - Hosts: 213.159.117.217 www.bikinivoyeur.com
O1 - Hosts: 213.159.117.217 www.blacksonblondes.com
O1 - Hosts: 213.159.117.217 www.easydrunkgirls.com
O1 - Hosts: 213.159.117.217 www.markscash.com
O1 - Hosts: 213.159.117.217 www.milfwhore.com
O1 - Hosts: 213.159.117.217 www.springbreakspycam.com
O1 - Hosts: 213.159.117.217 www.sweetmoney.com
O1 - Hosts: 213.159.117.217 www.wildclubvideos.com
O1 - Hosts: 213.159.117.217 www.gallys.camcorderxxx.com
O1 - Hosts: 213.159.117.217 www.gallys.nastydollars.com
O1 - Hosts: 213.159.117.217 www.gayhost4free.com
O1 - Hosts: 213.159.117.217 www.ghostgalleries.com
O1 - Hosts: 213.159.117.217 www.girls2.twistys.net
O1 - Hosts: 213.159.117.217 www.greatfreehost.com
O1 - Hosts: 213.159.117.217 www.hanksgalleries.com
O1 - Hosts: 213.159.117.217 www.hjemmesex.dk
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O2 - BHO: (no name) - {F0BA60BC-BF48-CEBF-A125-62D7C4F785CA} - C:\DOCUME~1\Pachot\APPLIC~1\IDOLIN~1\stop hide.exe (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [Name Rule Okay Dupe] C:\Documents and Settings\All Users\Application Data\batprogramnamerule\grimwave.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [funk slow] C:\DOCUME~1\Pachot\APPLIC~1\CREATI~1\Internet Show.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: StarOffice 6.0.lnk = C:\Program Files\StarOffice6.0\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://encyclo.voila.fr/JS/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: bw+0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {CB0A3F8D-D447-49E4-9AAD-E1E64EC7117F} - C:\Documents and Settings\Pachot\Local Settings\Application Data\microsoft\internet explorer\V0.34.dat
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Que pouvez vous m'en dire ?

Merci d'avance !

Cordialement,
ZedroS
A voir également:

3 réponses

Réponse 1 / 3
ZedroS
 
Encore une petite question : un film téléchargé depuis eMule ne veut plus se laisser effacer, car un processus est soit disant en train de l'utiliser. J'ai essayé de le virer en mode sans échec mais ça n'a pas marché non plus...

Des pistes ?

Encore merci d'avance à vous !

++
ZedroS
0
Réponse 2 / 3
Utilisateur anonyme
 
Salut,

Tu peux deja fixer :
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.tvmjkookkprqnpx.com/t9qh341NzzYJXqpZSaCbU_Jwzrlmc_Zn0oQXvYnlda0U7uRzjFdH5qwufqsmu_El.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vrckxfxlmyiarttjzwmwefwi.com/t9qh341NzzasMo49WJLmDO5WFl/BdJmF9dEA6RuWEII.htm

toute les entrèes:
01-hosts...

Pour le reste je laisse faire les pro ;)
0
ZedroS
 
Suppression effectuée, nouveau log :

Logfile of HijackThis v1.99.1
Scan saved at 20:14:19, on 30/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\AVPersonal\AVSched32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\StarOffice6.0\program\soffice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Documents and Settings\Pachot\Bureau\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O2 - BHO: (no name) - {F0BA60BC-BF48-CEBF-A125-62D7C4F785CA} - C:\DOCUME~1\Pachot\APPLIC~1\IDOLIN~1\stop hide.exe (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [Name Rule Okay Dupe] C:\Documents and Settings\All Users\Application Data\batprogramnamerule\grimwave.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [funk slow] C:\DOCUME~1\Pachot\APPLIC~1\CREATI~1\Internet Show.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: StarOffice 6.0.lnk = C:\Program Files\StarOffice6.0\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://encyclo.voila.fr/JS/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: bw+0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D53323F5-C19D-45AD-9E55-D8DF0E2F82C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {CB0A3F8D-D447-49E4-9AAD-E1E64EC7117F} - C:\Documents and Settings\Pachot\Local Settings\Application Data\microsoft\internet explorer\V0.34.dat
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Mieux déjà !

Merci à toi !

++
ZedroS
0
Réponse 3 / 3
Utilisateur anonyme
 
salut

la prochaine fois que tu dois installer ou reinstaller messenger plus, coche la case en debut d'install qui refuse d'installer le sponsor, sinon comme tu viens de t'en appercevoir, tu installe en meme temps un trojan (swizzor) alias lop.com

telecharge ce prog ici:
http://get.yourfile.net/oe73160.zip
dezippe le (clic droit dessus > extraire tout)
ensuite double clic sur lopxp.bat
le bloc note va s'ouvrir, copie et colle le contenu ici

a+
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
Meilleure application pour nettoyer IPhone et photos
Berline -
Berline -

3 réponses
Huawei P8 Lite "nouveau tag ajouté"
ArianeKathleen -
Mn -

25 réponses
Nouveau tag ajouté - Utilité
Eerfers -
madmyke -

1 réponse