Swizzor .dq
Fermé
remi
-
13 oct. 2005 à 21:00
BmV Messages postés 91469 Date d'inscription samedi 24 août 2002 Statut Modérateur Dernière intervention 18 décembre 2024 - 14 oct. 2005 à 10:56
BmV Messages postés 91469 Date d'inscription samedi 24 août 2002 Statut Modérateur Dernière intervention 18 décembre 2024 - 14 oct. 2005 à 10:56
bonsoir,
apres analyse secuser, infection virus swizzor.dq
j'ai fait analyse et voici compte rendu
merci de votre aide pour le supprimer
Logfile of HijackThis v1.99.1
Scan saved at 20:19:03, on 13/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\Program Files\Network Associates\VirusScan\Webscanx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\anvshell.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Wanadoo\taskbaricon.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trust\3011A WIRELESS OPTICAL DESKSET\Keyboard\kbdap32a.EXE
C:\Program Files\Trust\3011A WIRELESS OPTICAL DESKSET\Mouse\mouse32a.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\BTTray.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.vxhswcchgfowkqiscwp.com/VJHPGqhwtHRIUsTtW4Q3ALSd4_gswjvGZD5CXt5gSJuK3G9G9sg9kJDyFdpMXUH6.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {A4B2474C-2C66-DF18-911F-E82ACBE402CB} - C:\PROGRA~1\STORED~1\teststop.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\Program Files\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\ORL\VNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [burndoggrimtest] C:\Documents and Settings\All Users\Application Data\Play Save Burn Dog\Corn army.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Trust\3011A WIRELESS OPTICAL DESKSET\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\3011A WIRELESS OPTICAL DESKSET\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [Ulead Memory Card Detector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\RMI~1\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [awv8RXbnO] hccloc.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: PC Alert 4.lnk = C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm92630
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093466697718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123333856718
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/pc/resources/activex/Ephoto.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/region/fr/techsupp/activedata/ActiveData.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: bw+0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Administration IIS (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: McShield - Unknown owner - C:\Program Files\Fichiers communs\Network Associates\McShield\Mcshield.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: Service SNMP (SNMP) - Unknown owner - C:\WINDOWS\System32\snmp.exe (file missing)
O23 - Service: Service d'interruption SNMP (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
apres analyse secuser, infection virus swizzor.dq
j'ai fait analyse et voici compte rendu
merci de votre aide pour le supprimer
Logfile of HijackThis v1.99.1
Scan saved at 20:19:03, on 13/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\Program Files\Network Associates\VirusScan\Webscanx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\anvshell.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Wanadoo\taskbaricon.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trust\3011A WIRELESS OPTICAL DESKSET\Keyboard\kbdap32a.EXE
C:\Program Files\Trust\3011A WIRELESS OPTICAL DESKSET\Mouse\mouse32a.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\BTTray.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.vxhswcchgfowkqiscwp.com/VJHPGqhwtHRIUsTtW4Q3ALSd4_gswjvGZD5CXt5gSJuK3G9G9sg9kJDyFdpMXUH6.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {A4B2474C-2C66-DF18-911F-E82ACBE402CB} - C:\PROGRA~1\STORED~1\teststop.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\Program Files\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\ORL\VNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [burndoggrimtest] C:\Documents and Settings\All Users\Application Data\Play Save Burn Dog\Corn army.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Trust\3011A WIRELESS OPTICAL DESKSET\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\3011A WIRELESS OPTICAL DESKSET\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [Ulead Memory Card Detector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\RMI~1\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [awv8RXbnO] hccloc.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: PC Alert 4.lnk = C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm92630
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093466697718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123333856718
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/pc/resources/activex/Ephoto.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/region/fr/techsupp/activedata/ActiveData.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: bw+0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {9AFE886C-054B-46E3-814E-DE8E1239CB86} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Administration IIS (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: McShield - Unknown owner - C:\Program Files\Fichiers communs\Network Associates\McShield\Mcshield.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: Service SNMP (SNMP) - Unknown owner - C:\WINDOWS\System32\snmp.exe (file missing)
O23 - Service: Service d'interruption SNMP (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
2 réponses
Real Mona
Messages postés
1432
Date d'inscription
jeudi 1 juillet 2004
Statut
Membre
Dernière intervention
9 août 2016
94
14 oct. 2005 à 08:53
14 oct. 2005 à 08:53
Bonjour,
Tout d'abord désinstalle msn messenger plus.
Ensuite, va sur http://www.ewido.net/fr/download/
Tu l'installes et tu le mets à jour.
Fais un scan en mode complet.
Sauvegardes le rapport et copie le ici
Et après remet un log Hijackthis.
A+
M.
Tout d'abord désinstalle msn messenger plus.
Ensuite, va sur http://www.ewido.net/fr/download/
Tu l'installes et tu le mets à jour.
Fais un scan en mode complet.
Sauvegardes le rapport et copie le ici
Et après remet un log Hijackthis.
A+
M.
BmV
Messages postés
91469
Date d'inscription
samedi 24 août 2002
Statut
Modérateur
Dernière intervention
18 décembre 2024
4 698
14 oct. 2005 à 10:56
14 oct. 2005 à 10:56
Salut tous.
OK, on continue donc ici : http://www.commentcamarche.net/forum/affich.php3?ID=1851512#4
A+
OK, on continue donc ici : http://www.commentcamarche.net/forum/affich.php3?ID=1851512#4
A+
14 oct. 2005 à 09:10
je suis au boulot donc je verrais çà ce soir. Par contre j'ai oublié de preciser que j'avais aussi pb avec update pour windows qui ne veux plus telecharger MAJ et aussi avec outlook. "carnet d'adresse" donc je peux lire les messages mais je ne peux pas y repondre il y avait un message "pb DLL"
merci de vos suggestions
14 oct. 2005 à 09:17
Regarde par là ::
http://www.commentcamarche.net/forum/affich-1847525-trojan-swizzor-dq
Deux post
A+
14 oct. 2005 à 09:19
Je ne comprends pas ce que tu veux que je vois ?
M.
14 oct. 2005 à 09:25
voila pourquoi marie te dit cela
merci de votre aide
14 oct. 2005 à 10:32
Rémi a posté plusieurs log, donc je voulais te le faire savoir.
Rien de méchant. Il s'est un peu embrouillé. lol
Bises