Suspecting serious problems

crafie Posts 12 Status Member -  
 Anonymous user -
Hello, musketeers.
I think my system is almost gangrenous.
I would appreciate a helping hand from the knowledgeable community. I should add that I am a novice (I have just discovered HijackThis); here is the copy of the log that I saved. Thanks in advance. Operating system: Win XP.
Logfile of HijackThis v1.99.1
Scan saved at 01:45:08, on 2005-10-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\kaqiao.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\updatetc.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Wtzauk\Abpio.exe
C:\WINDOWS\xkoried.exe
C:\WINDOWS\system32\004ti61v.exe
C:\Program Files\Media Gateway\MediaGateway.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\WINDOWS\system32\intccw.exe
C:\WINDOWS\System32\m?dtc.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\usnu\aslp.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\QuickZip\QuickZip.exe
C:\DOCUME~1\ABDERR~1\LOCALS~1\Temp\QZTEMP\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pages2start.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.pages2start.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - (no file)
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\cfgmgr52.dll
O2 - BHO: (no name) - {00A0A40C-F432-4C59-BA11-B25D142C7AB7} - C:\WINDOWS\system32\mskceo.dll
O2 - BHO: (no name) - {0982868C-47F0-4EFB-A664-C7B0B1015808} - C:\WINDOWS\system32\mskhhe.dll
O2 - BHO: (no name) - {13C9BB65-0DDF-2573-D5FD-21404598FDE9} - C:\WINDOWS\system32\zoa.dll (file missing)
O2 - BHO: (no name) - {16DE8FC9-3928-1BDD-2902-4EB60A3CF5B8} - C:\WINDOWS\system32\huv.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: CUrlCliObj Object - {94927A13-4AAA-476A-989D-392456427688} - C:\WINDOWS\system32\msfnpo.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\msntb.dll
O2 - BHO: (no name) - {D45722E8-A97D-38C2-F91F-7E35660EA42B} - C:\WINDOWS\cvdxhboj.dll
O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\WINDOWS\system32\msnkmi.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\msntb.dll
O3 - Toolbar: ZILLAbar - {8FC8AE66-AC15-4C0D-9E9A-51296A0C52FA} - C:\Program Files\ISSS\ZILLAbar\ZILLAbar.dll (file missing)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [cluia] C:\WINDOWS\System32\cluia.exe
O4 - HKLM\..\Run: [dptspn] C:\WINDOWS\System32\dptspn.exe
O4 - HKLM\..\Run: [erifierv] C:\WINDOWS\System32\erifierv.exe
O4 - HKLM\..\Run: [hrpubws] C:\WINDOWS\System32\hrpubws.exe
O4 - HKLM\..\Run: [jlmonp] C:\WINDOWS\System32\jlmonp.exe
O4 - HKLM\..\Run: [mdmxfrmu] C:\WINDOWS\System32\mdmxfrmu.exe
O4 - HKLM\..\Run: [nmpsnaps] C:\WINDOWS\System32\nmpsnaps.exe
O4 - HKLM\..\Run: [qoa10m] C:\WINDOWS\System32\qoa10m.exe
O4 - HKLM\..\Run: [scpx32rm] C:\WINDOWS\System32\scpx32rm.exe
O4 - HKLM\..\Run: [rbenh 0l1004] "C:\Program Files\RBEnhance\rbenh.exe"
O4 - HKLM\..\Run: [Belt] C:\WINDOWS\Belt.exe
O4 - HKLM\..\Run: [rb32 lptt01] "C:\Program Files\rb32\rb32.exe"
O4 - HKLM\..\Run: [sctjd] C:\WINDOWS\jmiejqoj.exe
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Search-Exe] "C:\Program Files\se\v11\se.EXE" /H
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [tpcupdater] C:\WINDOWS\updatetc.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [Ezcmnouq] C:\Program Files\Wtzauk\Abpio.exe
O4 - HKLM\..\Run: [msmc] C:\WINDOWS\system32\mskkk.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EaEIoZh] C:\WINDOWS\xkoried.exe
O4 - HKLM\..\Run: [EaEIoZh$vùõš/‚²‘ÆßC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xkoried.exe
O4 - HKLM\..\Run: [Á³# L"h'þ9Óœð3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xkoried.exe
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\lpgssd.exe reg_run
O4 - HKLM\..\Run: [004ti61v] C:\WINDOWS\system32\004ti61v.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [azerpe] C:\WINDOWS\system32\kaqiao.exe r
O4 - HKLM\..\Run: [intccw] C:\WINDOWS\system32\intccw.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msmc] C:\WINDOWS\system32\msdioo.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BackWeb LiteInstaller] C:\DOCUME~1\ABDERR~1\LOCALS~1\Temp\ins2.tmp\LiteInst.exe /NoIntervention
O4 - HKCU\..\Run: [Iez] C:\WINDOWS\System32\m?dtc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Widn] C:\Program Files\usnu\aslp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download using Download &Express - file://C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {9E248641-0E24-4DDB-9A1F-705087832AD6} - C:\WINDOWS\system32\wuauclt.dll
O9 - Extra 'Tools' menuitem: Java - {9E248641-0E24-4DDB-9A1F-705087832AD6} - C:\WINDOWS\system32\wuauclt.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/loader2.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9F3009B-976B-41C4-A992-229DCCF3367C} (CoAxTrack Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O18 - Protocol: bw+0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {CC905FF6-B553-496C-9DFA-CFF65ADCD0FC} - C:\WINDOWS\system32\msjpnd.dll
O20 - AppInit_DLLs: mad.dll
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

13 replies

^^Marie^^ Posts 126523 Registration date   Status Member Last activity   3 279
 
Hello,
Start by removing MSN PLUS.
If you use MSN Messenger, it would be better to remove Windows Messenger.
Then post a new log.
See you later
0
Real Mona Posts 1432 Status Member 94
 
Hello,

Removing MSN Plus and Windows Messenger will not change anything if you have viruses. But indeed, it is preferable not to have them.

Run two online scans at:
http://www.bitdefender.com/scan/licence.php
Copy and paste the report here
and
http://www.ewido.net/fr/download/
Install it and update it.
Run a scan in full mode.
Save the report and copy it here

and right after these scans, post another HT log along with them.

See you later,
M.
0
crafie Posts 12 Status Member
 
Thank you for replying to my message. Here are the scan results, as you asked. I am waiting impatiently to hear what you think. Once again, thank you for your kindness.
BitDefender scan
Statistics
Time: 00:42:34
Files: 162179
Folders: 3369
Boot Sectors: 3
Archives: 1040
Packed Files: 16226

Results
Identified Viruses: 14
Infected Files: 24
Suspect Files: 3
Warnings: 0
Disinfected: 0
Deleted Files: 15

Engines Info
Virus Definitions: 225448
Engine build: AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins: 13
Archive plugins: 39
Unpack plugins: 4
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File | Status
C:\WINDOWS\system32\bandmqc.exe | Infected with: Trojan.Downloader.Qoologic.AC
C:\WINDOWS\system32\bandmqc.exe | Disinfection failed
C:\WINDOWS\system32\bandmqc.exe | Deleted
C:\WINDOWS\system32\mbckgv.exe | Infected with: GenPack:Trojan.Agent.AY
C:\WINDOWS\system32\mbckgv.exe | Disinfection failed
C:\WINDOWS\system32\mbckgv.exe | Delete failed
C:\WINDOWS\system32\janea.dll | Infected with: Trojan.Downloader.Qoologic.AC
C:\WINDOWS\system32\janea.dll | Disinfection failed
C:\WINDOWS\system32\janea.dll | Deleted
C:\WINDOWS\system32\n3bIi.exe | Infected with: Trojan.Downloader.Vb.DX
C:\WINDOWS\system32\n3bIi.exe | Disinfection failed
C:\WINDOWS\system32\n3bIi.exe | Delete failed
C:\WINDOWS\system32\LPGSSD.EXE | Infected with: Trojan.Downloader.Qoologic.AC
C:\WINDOWS\system32\LPGSSD.EXE | Disinfection failed
C:\WINDOWS\system32\LPGSSD.EXE | Delete failed
C:\WINDOWS\system32\SSJFSDD.DLL | Infected with: Trojan.Downloader.Qoologic.AC
C:\WINDOWS\system32\SSJFSDD.DLL | Disinfection failed
C:\WINDOWS\system32\SSJFSDD.DLL | Delete failed
C:\WINDOWS\system32\wuauclt.dll | Infected with: Trojan.Downloader.Qoologic.AE
C:\WINDOWS\system32\wuauclt.dll | Disinfection failed
C:\WINDOWS\system32\wuauclt.dll | Delete failed
C:\WINDOWS\system32\huv.dll | Infected with: Trojan.Purityad.CJ
C:\WINDOWS\system32\huv.dll | Disinfection failed
C:\WINDOWS\system32\huv.dll | Delete failed
C:\WINDOWS\system32\DrPMon.dll | Infected with: Trojan.Agent.DB
C:\WINDOWS\system32\DrPMon.dll | Disinfection failed
C:\WINDOWS\system32\DrPMon.dll | Delete failed
C:\WINDOWS\dbrcfpg.exe | Infected with: BehavesLike:Win32.ExplorerHijack
C:\WINDOWS\dbrcfpg.exe | Disinfection failed
C:\WINDOWS\dbrcfpg.exe | Deleted
C:\WINDOWS\updatetc.exe | Infected with: Trojan.Downloader.Agent.EL
C:\WINDOWS\updatetc.exe | Disinfection failed
C:\WINDOWS\updatetc.exe | Delete failed
C:\WINDOWS\wsem303.dll | Infected with: Trojan.Downloader.Dyfuca.DT
C:\WINDOWS\wsem303.dll | Disinfection failed
C:\WINDOWS\wsem303.dll | Delete failed
C:\WINDOWS\cfgmgr52.dll | Detected with: Adware.BookedSpace.E
C:\WINDOWS\cfgmgr52.dll | Disinfection failed
C:\WINDOWS\cfgmgr52.dll | Delete failed
C:\Documents and Settings\abderrafi\Local Settings\Temporary Internet Files\Content.IE5\O3RJ2CL1\actulice[1].exe=>wise0008 | Infected with: Trojan.Downloader.Vb.AA
C:\Documents and Settings\abderrafi\Local Settings\Temporary Internet Files\Content.IE5\O3RJ2CL1\actulice[1].exe=>wise0008 | Disinfection failed
C:\Documents and Settings\abderrafi\Local Settings\Temporary Internet Files\Content.IE5\O3RJ2CL1\actulice[1].exe=>wise0008 | Deleted
C:\Documents and Settings\abderrafi\Local Settings\Temporary Internet Files\Content.IE5\O3RJ2CL1\actulice[1].exe | Update failed
C:\Documents and Settings\abderrafi\Local Settings\Temporary Internet Files\Content.IE5\O3RJ2CL1\actulice[1].exe=>wise0009 | Suspected of: BehavesLike:Trojan.Downloader
C:\Documents and Settings\abderrafi\Local Settings\Temporary Internet Files\Content.IE5\O3RJ2CL1\actulice[1].exe=>wise0009 | Disinfection failed
C:\Documents and Settings\abderrafi\Local Settings\Temporary Internet Files\Content.IE5\O3RJ2CL1\actulice[1].exe=>wise0009 | Deleted
C:\Documents and Settings\abderrafi\Local Settings\Temporary Internet Files\Content.IE5\O3RJ2CL1\actulice[1].exe | Update failed
C:\Program Files\RBEnhance\RBENH.EXE | Infected with: Trojan.Downloader.IstBar.AK
C:\Program Files\RBEnhance\RBENH.EXE | Disinfection failed
C:\Program Files\RBEnhance\RBENH.EXE | Deleted
C:\Program Files\ISTsvc\istsvc.exe | Infected with: Trojan.Downloader.Istbar.BI
C:\Program Files\ISTsvc\istsvc.exe | Disinfection failed
C:\Program Files\ISTsvc\istsvc.exe | Delete failed
C:\Program Files\Wtzauk\Abpio.exe | Infected with: Trojan.Small.CY
C:\Program Files\Wtzauk\Abpio.exe | Disinfection failed
C:\Program Files\Wtzauk\Abpio.exe | Delete failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP502\A0098516.exe=>wise0008 | Infected with: Trojan.Downloader.Vb.AA
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP502\A0098516.exe=>wise0008 | Disinfection failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP502\A0098516.exe=>wise0008 | Deleted
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP502\A0098516.exe | Update failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP502\A0098516.exe=>wise0009 | Suspected of: BehavesLike:Trojan.Downloader
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP502\A0098516.exe=>wise0009 | Disinfection failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP502\A0098516.exe=>wise0009 | Deleted
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP502\A0098516.exe | Update failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP521\A0100380.exe=>wise0008 | Infected with: Trojan.Downloader.Vb.AA
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP521\A0100380.exe=>wise0008 | Disinfection failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP521\A0100380.exe=>wise0008 | Deleted
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP521\A0100380.exe | Update failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP521\A0100380.exe=>wise0009 | Suspected of: BehavesLike:Trojan.Downloader
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP521\A0100380.exe=>wise0009 | Disinfection failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP521\A0100380.exe=>wise0009 | Deleted
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP521\A0100380.exe | Update failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101150.exe | Infected with: GenPack:Trojan.Agent.AY
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101150.exe | Disinfection failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101150.exe | Deleted
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101151.exe | Infected with: GenPack:Trojan.Agent.AY
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101151.exe | Disinfection failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101151.exe | Deleted
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101153.dll | Infected with: Trojan.Downloader.Qoologic.AC
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101153.dll | Disinfection failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101153.dll | Deleted
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101159.exe | Infected with: Trojan.Downloader.Vb.DX
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101159.exe | Disinfection failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101159.exe | Deleted
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101174.EXE | Infected with: Trojan.Downloader.IstBar.AK
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101174.EXE | Disinfection failed
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101174.EXE | Deleted

ewido scan

Créé le: 23:49:20, 2005-10-25
+ Somme de contrôle: AF7236AE

+ Résultats du scan:

HKLM\SOFTWARE\Classes\AppID\{026E4B83-1BF7-41CB-8233-4AF35341BC69} -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{0982868C-47F0-4EFB-A664-C7B0B1015808} -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{94927A13-4AAA-476A-989D-392456427688} -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{94927A13-4AAA-476A-989D-392456427688}\TypeLib\\ -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\Interface\{A7370377-E217-4467-8448-9845270CD4A3} -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\Interface\{A7370377-E217-4467-8448-9845270CD4A3}\TypeLib\\ -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\TypeLib\{026E4B83-1BF7-41CB-8233-4AF35341BC69} -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\urlcli.UrlCliObj -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\urlcli.UrlCliObj\CLSID -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\urlcli.UrlCliObj\CLSID\\ -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\urlcli.UrlCliObj\CurVer -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\urlcli.UrlCliObj.1 -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\urlcli.UrlCliObj.1\CLSID\\ -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0982868C-47F0-4EFB-A664-C7B0B1015808} -> Spyware.ClientMan : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94927A13-4AAA-476A-989D-392456427688} -> Spyware.ClientMan : Nettoyer et sauvegarder
HKU\S-1-5-21-448539723-113007714-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0982868C-47F0-4EFB-A664-C7B0B1015808} -> Spyware.ClientMan : Nettoyer et sauvegarder
HKU\S-1-5-21-448539723-113007714-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{94927A13-4AAA-476A-989D-392456427688} -> Spyware.ClientMan : Nettoyer et sauvegarder
C:\Documents and Settings\abderrafi\Cookies\abderrafi@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Nettoyer et sauvegarder
C:\Documents and Settings\abderrafi\Cookies\abderrafi@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\abderrafi\Cookies\abderrafi@247realmedia[2].txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\abderrafi\Cookies\abderrafi@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\abderrafi\Cookies\abderrafi@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\abderrafi\Cookies\abderrafi@server.iad.liveperson[2].txt -> Spyware.Cookie.Liveperson : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101249.exe -> Spyware.BargainBuddy : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101250.cpl -> TrojanDownloader.Qoologic.ad : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101251.exe -> Adware.SAHA : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101252.dll -> Adware.eZula : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101253.dll -> Spyware.BargainBuddy : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101254.dll -> Spyware.BookedSpace : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101255.dll -> Spyware.BookedSpace : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101256.exe -> Spyware.BookedSpace : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101257.dll -> Spyware.BookedSpace : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101258.exe -> Trojan.Imiserv.c : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101259.exe -> Adware.SAHA : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101260.exe -> TrojanDownloader.Swizzor.af : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101261.exe -> Spyware.Downloadware : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101262.DLL -> Spyware.WindowEnhancer : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101263.DLL -> Spyware.SmartPops : Nettoyer et sauvegarder
C:\System Volume Information\_restore{BC81DA08-65C7-4052-B4FE-55C9D8D4614F}\RP524\A0101264.exe -> Spyware.SmartPops : Nettoyer et sauvegarder

::Fin du rapport

HijackThis scan
Logfile of HijackThis v1.99.1
Scan saved at 23:51:09, on 2005-10-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\System32\m?dtc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\usnu\aslp.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.commentcamarche.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pages2start.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.pages2start.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: (no name) - {13C9BB65-0DDF-2573-D5FD-21404598FDE9} - C:\WINDOWS\system32\zoa.dll (file missing)
O2 - BHO: (no name) - {16DE8FC9-3928-1BDD-2902-4EB60A3CF5B8} - C:\WINDOWS\system32\huv.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\msntb.dll
O2 - BHO: (no name) - {D45722E8-A97D-38C2-F91F-7E35660EA42B} - C:\WINDOWS\cvdxhboj.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\msntb.dll
O3 - Toolbar: ZILLAbar - {8FC8AE66-AC15-4C0D-9E9A-51296A0C52FA} - C:\Program Files\ISSS\ZILLAbar\ZILLAbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [cluia] C:\WINDOWS\System32\cluia.exe
O4 - HKLM\..\Run: [dptspn] C:\WINDOWS\System32\dptspn.exe
O4 - HKLM\..\Run: [erifierv] C:\WINDOWS\System32\erifierv.exe
O4 - HKLM\..\Run: [hrpubws] C:\WINDOWS\System32\hrpubws.exe
O4 - HKLM\..\Run: [jlmonp] C:\WINDOWS\System32\jlmonp.exe
O4 - HKLM\..\Run: [mdmxfrmu] C:\WINDOWS\System32\mdmxfrmu.exe
O4 - HKLM\..\Run: [nmpsnaps] C:\WINDOWS\System32\nmpsnaps.exe
O4 - HKLM\..\Run: [qoa10m] C:\WINDOWS\System32\qoa10m.exe
O4 - HKLM\..\Run: [scpx32rm] C:\WINDOWS\System32\scpx32rm.exe
O4 - HKLM\..\Run: [rbenh 0l1004] "C:\Program Files\RBEnhance\rbenh.exe"
O4 - HKLM\..\Run: [Belt] C:\WINDOWS\Belt.exe
O4 - HKLM\..\Run: [rb32 lptt01] "C:\Program Files\rb32\rb32.exe"
O4 - HKLM\..\Run: [sctjd] C:\WINDOWS\jmiejqoj.exe
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [Ezcmnouq] C:\Program Files\Wtzauk\Abpio.exe
O4 - HKLM\..\Run: [msmc] C:\WINDOWS\system32\mskkk.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EaEIoZh$vùõš/‚²‘ÆßC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xkoried.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msmc] C:\WINDOWS\system32\msdioo.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BackWeb LiteInstaller] C:\DOCUME~1\ABDERR~1\LOCALS~1\Temp\ins2.tmp\LiteInst.exe /NoIntervention
O4 - HKCU\..\Run: [Iez] C:\WINDOWS\System32\m?dtc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Widn] C:\Program Files\usnu\aslp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download using Download &Express - file://C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O9 - Extra 'Tools' menuitem: Java - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9F3009B-976B-41C4-A992-229DCCF3367C} (CoAxTrack Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O18 - Protocol: bw+0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {CC905FF6-B553-496C-9DFA-CFF65ADCD0FC} - C:\WINDOWS\system32\msjpnd.dll
O20 - AppInit_DLLs: mad.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

Regards
0
Real Mona Posts 1432 Status Member 94
 
Hello,

Your subject is "suspecting big problems"; you should have put enormous problems, because you are very, very, very infected!

You haven't uninstalled Messenger+ or Windows Messenger; do it, it's important. And if you ever want to reinstall Messenger+ afterwards, above all don't accept the sponsors.

Put HijackThis in its own folder, for example C:\hijackthis\hijackthis.exe, this is very important!

Then, since you are very infected, you need to follow the steps to the letter, so print this so you don't forget anything:

Method to follow, in order...

----------------------------------------------------------------------------
¤Download these programs (if you don't have them), but don't use them right away:

1/Spybot S&D 1.4 <<new version
http://www.safer-networking.org/fr/index.html

Usage demo (thanks to Balltrap34 for making it)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

2/Ad-Aware SE 1.06 <<new version
http://www.lavasoftusa.com/software/adaware/
-Help:
http://www.tutopat.com/viewtopic.php?t=1191
- install the French patch, you can find it here:
http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
and a short usage video here: (thanks to Moe31 for making it)
http://pageperso.aol.fr/balltrap34/adawrevid.asf

3/ download l2mfix
http://www.downloads.subratam.org/l2mfix.exe

4/ Download Pocket Killbox here
http://www.downloads.subratam.org/KillBox.exe
watch the video on using it with Notepad, we'll use it later:
http://pageperso.aol.fr/balltrap34/killbox.htm

5/ nailfix, download it here:
http://www.noidea.us/easyfile/file.php?download=20050515010747824

----------------------------------------------------------------------------
Run L2mfix

unzip it, double-click l2mfix.bat, press any key and then choose option 2
at the end the program should restart your system; as soon as the BIOS starts, tap the F8 key to switch to safe mode (careful, this is important)

Killbox
1- Double-click KillBox.exe
2- open Notepad and copy the list in bold below
3- Select "Delete on Reboot"
4- go back to Notepad and highlight the whole list, then right-click it and click Copy
5- go back to Killbox, and in the top menu click File, then paste from clipboard
5- click the red circle
6- a window will appear asking for confirmation, click YES
7- a second window asks whether you want to restart, click YES

list

C:\WINDOWS\Nail.exe

quand killbox redemarre le pc, appuie immédiatement sur F8, pour passer en mode sans échec
----------------------------------------------------------------------------
Disable System Restore:
Right-click My Computer, then
Properties, click the System Restore tab,
check the "Turn off System Restore" box and apply.
----------------------------------------------------------------------------
Show all files and folders:
Click Start / Control Panel / Folder Options / View

Check "Show hidden files and folders"

Uncheck "Hide protected operating system files (Recommended)"

Uncheck "Hide extensions for known file types"
Then click "OK" to confirm the changes.

And apply!
----------------------------------------------------------------------------
¤ Empty your temp files and Temporary Internet Files:

:: Delete temporary files ::
Empty the entire contents of these folders.

* C:\Documents and Settings\your account\Local Settings\Temp
* C:\Documents and Settings\all other accounts\Local Settings\Temp
* C:\Windows\Temp

:: The contents of the Prefetch folder ::

* C:\WINDOWS\Prefetch <= except the file layout.ini

* Don't forget to empty the Recycle Bin!
----------------------------------------------------------------------------
¤ Run HijackThis again, tick the boxes in front of these lines, then click Fix checked:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: (no name) - {13C9BB65-0DDF-2573-D5FD-21404598FDE9} - C:\WINDOWS\system32\zoa.dll (file missing)
O2 - BHO: (no name) - {16DE8FC9-3928-1BDD-2902-4EB60A3CF5B8} - C:\WINDOWS\system32\huv.dll (file missing)
O2 - BHO: (no name) - {D45722E8-A97D-38C2-F91F-7E35660EA42B} - C:\WINDOWS\cvdxhboj.dll (file missing)
O3 - Toolbar: ZILLAbar - {8FC8AE66-AC15-4C0D-9E9A-51296A0C52FA} - C:\Program Files\ISSS\ZILLAbar\ZILLAbar.dll (file missing)
O4 - HKLM\..\Run: [cluia] C:\WINDOWS\System32\cluia.exe
O4 - HKLM\..\Run: [dptspn] C:\WINDOWS\System32\dptspn.exe
O4 - HKLM\..\Run: [erifierv] C:\WINDOWS\System32\erifierv.exe
O4 - HKLM\..\Run: [hrpubws] C:\WINDOWS\System32\hrpubws.exe
O4 - HKLM\..\Run: [jlmonp] C:\WINDOWS\System32\jlmonp.exe
O4 - HKLM\..\Run: [mdmxfrmu] C:\WINDOWS\System32\mdmxfrmu.exe
O4 - HKLM\..\Run: [nmpsnaps] C:\WINDOWS\System32\nmpsnaps.exe
O4 - HKLM\..\Run: [qoa10m] C:\WINDOWS\System32\qoa10m.exe
O4 - HKLM\..\Run: [scpx32rm] C:\WINDOWS\System32\scpx32rm.exe
O4 - HKLM\..\Run: [rbenh 0l1004] "C:\Program Files\RBEnhance\rbenh.exe"
O4 - HKLM\..\Run: [Belt] C:\WINDOWS\Belt.exe
O4 - HKLM\..\Run: [rb32 lptt01] "C:\Program Files\rb32\rb32.exe"
O4 - HKLM\..\Run: [sctjd] C:\WINDOWS\jmiejqoj.exe
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Ezcmnouq] C:\Program Files\Wtzauk\Abpio.exe
O4 - HKLM\..\Run: [msmc] C:\WINDOWS\system32\mskkk.exe
O4 - HKLM\..\Run: [EaEIoZh$v ùõš/‚²‘Æ ßC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xkoried.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\Run: [msmc] C:\WINDOWS\system32\msdioo.exe
O4 - HKCU\..\Run: [BackWeb LiteInstaller] C:\DOCUME~1\ABDERR~1\LOCALS~1\Temp\ins2.tmp\LiteInst.exe /NoIntervention
O4 - HKCU\..\Run: [Iez] C:\WINDOWS\System32\m?dtc.exe
O4 - HKCU\..\Run: [Widn] C:\Program Files\usnu\aslp.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O9 - Extra 'Tools' menuitem: Java - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O18 - Protocol: bw+0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1716AEBB-185F-4AB3-8457-A92078902614} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

----------------------------------------------------------------------------
Search for and delete the following:
careful, only the files (if present)
C:\WINDOWS\System32\cluia.exe
C:\WINDOWS\System32\dptspn.exe
C:\WINDOWS\System32\erifierv.exe
C:\WINDOWS\System32\hrpubws.exe
C:\WINDOWS\System32\jlmonp.exe
C:\WINDOWS\System32\mdmxfrmu.exe
C:\WINDOWS\System32\nmpsnaps.exe
C:\WINDOWS\System32\qoa10m.exe
C:\WINDOWS\System32\scpx32rm.exe
C:\WINDOWS\Belt.exe
C:\WINDOWS\jmiejqoj.exe
C:\WINDOWS\system32\mskkk.exe
C:\WINDOWS\xkoried.exe
C:\WINDOWS\cfgmgr52.dll,DllRun
C:\Program Files\Common Files\PSD Tools\blengine.exe
C:\WINDOWS\system32\msdioo.exe
C:\WINDOWS\System32\m?dtc.exe
C:\WINDOWS\svcproc.exe
----------------------------------------------------------------------------
Search for and delete the following (the folders, i.e. what is in bold)

C:\Program Files\RBEnhance\rbenh.exe
C:\Program Files\TV Media\Tvm.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Wtzauk\Abpio.exe
C:\Program Files\rb32\rb32.exe
C:\Program Files\Media Gateway\MediaGateway.exe
C:\DOCUME~1\ABDERR~1\LOCALS~1\Temp\ins2.tmp\LiteInst.exe /NoIntervention
C:\Program Files\usnu\aslp.exe

----------------------------------------------------------------------------
¤ Stop this service:

Click Start -> Run -> type: services.msc

Double-click:
Service: System Startup Service (SvcProc)

Set it to "Stopped" and "Disabled".
----------------------------------------------------------------------------
Run nailfix
----------------------------------------------------------------------------
Run l2mfix option 2 again, and let it restart normally
----------------------------------------------------------------------------
¤ Run Ad-Aware and remove everything it finds + empty the quarantine
----------------------------------------------------------------------------
¤ Run Spybot and remove everything it finds + empty the quarantine
----------------------------------------------------------------------------
> Empty your Recycle Bin, restart in normal mode, and run HijackThis again

Good luck,
See you,

M.
0
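Added example, not part of the thread: the file lists in the post above are derived by hand from the O4, F2 and O23 lines, where Run values also carry arguments and rundll32 entry points (for example `/NoIntervention` and `,DllRun`) that are not part of the file name. The Python sketch below parses a few HijackThis entries copied from this page and extracts the on-disk target of each one; the function names and the grouping into four buckets are assumptions of this example, not HijackThis behaviour.

```python
import re

# Entries copied from the HijackThis logs on this page (a small subset).
SAMPLE_LOG = r"""
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: (no name) - {13C9BB65-0DDF-2573-D5FD-21404598FDE9} - C:\WINDOWS\system32\zoa.dll (file missing)
O4 - HKLM\..\Run: [cluia] C:\WINDOWS\System32\cluia.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKCU\..\Run: [BackWeb LiteInstaller] C:\DOCUME~1\ABDERR~1\LOCALS~1\Temp\ins2.tmp\LiteInst.exe /NoIntervention
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")                      # "O4 - <body>"
RUN_KEY = re.compile(r"^(HK(?:LM|CU)\\\.\.\\\S+): \[(.*)\] (.+)$")  # key, value name, command
RUNDLL = re.compile(r"^rundll32(?:\.exe)?\s+(.+?),", re.I)          # rundll32 <dll>,<entry>
UNQUOTED = re.compile(r"^(.+?\.(?:exe|dll|com|bat|scr))(?=\s|,|$)", re.I)
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")


def extract_target(command):
    """Return the file a Run command line actually loads, without arguments."""
    command = command.strip()
    m = RUNDLL.match(command)
    if m:
        # The payload is the DLL handed to rundll32, not rundll32 itself.
        return m.group(1).strip('"')
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    # Unquoted paths may contain spaces: cut after the first executable extension.
    m = UNQUOTED.match(command)
    return m.group(1) if m else command


def review(log_text):
    """Group entries by the kind of persistence they represent (assumed buckets)."""
    report = {"shell_extras": [], "orphans": [], "autoruns": [], "services": []}
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # header lines, process list, blank lines
        code, body = m.groups()
        if code == "F2" and "Shell=" in body:
            value = body.split("Shell=", 1)[1].strip()
            if value.lower().startswith("explorer.exe"):
                extra = value[len("explorer.exe"):].strip()
                if extra:
                    # Anything after Explorer.exe is also started at logon.
                    report["shell_extras"].append(extra)
            else:
                report["shell_extras"].append(value)
        elif code in ("O2", "O3", "O9") and body.endswith(("(file missing)", "(no file)")):
            # Registration left behind with no file on disk: record its CLSID.
            found = CLSID.search(body)
            report["orphans"].append(found.group(0) if found else body)
        elif code == "O4":
            run = RUN_KEY.match(body)
            if run:
                key, name, command = run.groups()
                report["autoruns"].append((key, name, extract_target(command)))
        elif code == "O23":
            # The service binary is the last " - " separated field.
            report["services"].append(body.rsplit(" - ", 1)[-1])
    return report


if __name__ == "__main__":
    for section, items in review(SAMPLE_LOG).items():
        print(section)
        for item in items:
            print("   ", item)
```

The output is a list of paths to look at, not a verdict: legitimate programs such as `qttask.exe` appear in the same Run keys, so each target still has to be identified before anything is deleted.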

crafie Posts 12 Status Member
 
Hello M,

When I download lm2fix, I can't find any lm2fix.bat file; the download module asks me to go to other sites if I can't find a .bat extension. I'm a bit lost. Excuse me, I'm a novice; maybe I'm misinterpreting your explanations. In any case, thank you very much for your kindness.

Please don't give up on me, I'm in a real mess.
0
jean38 Posts 2534 Registration date   Status Contributor Last activity   47
 
Hi,

Normally when you download the fix you get 2 files; double-click on one or the other: one does nothing, the other launches a program with a menu window.

Jean for Mona
0
Real Mona Posts 1432 Status Member 94
 
Thanks, Jean, for your explanation!

No Crafie, we won't let you down!
Did you understand Jean's explanation?

See you,
M.
0
crafie Posts 12 Status Member
 
Hi musketeers,

Yes, I understood clearly, and I'll get to work on it tonight. I'll give you news tomorrow, with results. Once again, a huge thank you.

Regards, Mona and Jean

R.
0
crafie Posts 12 Status Member
 
Hello musketeers,
After a long absence, I'm turning to you again to solve my problems. It's not out of bad faith; I know your time is precious, but I haven't been able to do anything since you gave me the solution to my problems: a family member is suffering from cancer and I haven't had the head for solving my problems. Thank you for helping me.
0
crafie Posts 12 Status Member
 
HELLO MUSKETEERS
HERE IS MY HIJACKTHIS LOG AS REQUESTED

Logfile of HijackThis v1.99.1
Scan saved at 23:21:01, on 2005-11-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pages2start.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.pages2start.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [startpage] c:\startpage.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 302
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download using Download &Express - file://C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9F3009B-976B-41C4-A992-229DCCF3367C} (CoAxTrack Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O18 - Protocol: bw+0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: mad.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

THANK YOU FOR FOLLOWING UP, AND GOOD LUCK WITH YOUR CAUSE
0
Anonymous user

Hi,
in mona's absence,

O4 - HKLM\..\Run: [startpage] c:\startpage.exe << delete that one and empty the recycle bin, then fix the line ...
0
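Added example, not part of any post in this thread: a small Python triage pass over HijackThis lines like the ones above, flagging the kind of O4 entry the reply points at. The sample mixes lines from the posted log with one constructed benign line; the heuristics and the names `parse`, `triage` and `bulk` are assumptions made for illustration, and a flag means "review this entry", not a verdict.

```python
import re
from collections import Counter

# Sample input: the startpage, O18, O20 and O23 lines are from the posted log;
# the QuickTime O4 line is constructed here as a benign contrast.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [startpage] c:\startpage.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O18 - Protocol: bw60s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B764F541-2D8B-4726-92CB-51925D7211D9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: mad.dll
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
"""

LINE_RE = re.compile(r"^([A-Z]\d+) - (.*)$")             # "O4 - <data>"
ROOT_EXE_RE = re.compile(r'^"?[A-Za-z]:\\[^\\"]+\.exe', re.I)  # exe directly under X:\
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

def parse(log):
    """Return (section code, data) pairs for every HijackThis entry line."""
    pairs = []
    for raw in log.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            pairs.append((m.group(1), m.group(2)))
    return pairs

def triage(log, bulk=3):
    """Return (code, reason, value) findings worth a manual look."""
    findings, clsids = [], Counter()
    for code, data in parse(log):
        if code == "O4":                       # autorun (Run key / Startup) entries
            cmd = data.split("] ", 1)[-1]
            if ROOT_EXE_RE.match(cmd):
                findings.append(("O4", "autorun executable in drive root", cmd))
        elif code == "O20":                    # DLLs loaded into every process using user32.dll
            dlls = data.split(":", 1)[-1].strip()
            if dlls:
                findings.append(("O20", "AppInit_DLLs is set", dlls))
        elif code == "O18":                    # extra protocol handlers
            m = CLSID_RE.search(data)
            if m:
                clsids[m.group(0)] += 1
    for clsid, n in clsids.items():            # collapse bulk registrations into one finding
        if n >= bulk:
            findings.append(("O18", f"{n} protocol handlers share one CLSID", clsid))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(" | ".join(finding))
```

Collapsing the O18 lines into one finding keeps a long run of handlers registered by a single DLL from burying the O4 and O20 entries.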
crafie Posts 12 Status Member

Thanks for replying, but I don't know how to delete this line. Can you tell me how to do it, I mean the procedure? Thanks a lot for your help.
crafie
0
Anonymous user

Hi,
click Start, Search, type: startpage.exe in the two empty fields, select search in C:, then click Search; as soon as it finds it, delete it.
0
crafie Posts 12 Status Member > Anonymous user

Do I need to restart in safe mode for that? Because in Start, Search, it doesn't find anything.
0
Anonymous user

Hi, if you can't find it, that means the antispyware tools (ewido/adaware ...etc) deleted it.

Where are you at with your problems?

A piece of advice: install a personal firewall, I recommend Kerio. Update your antivirus and scan your computer with your antivirus and the antispyware tools at least once a week.

@++++++++++
0