Winfixer 2005 + friend
Résolu
Aleksand
Messages postés
69
Statut
Membre
-
bernie61 -
bernie61 -
Bonjour,
Je ne m'y connais pas beaucoup en informatique, c'est la raison pour laquelle je fais appel à vous, Ô grands sachants du milieu informatique!!
Je suis sous windows XP et j'ai deux problèmes (au moins!!)
1/ winfixer 2005 que je ne pense pas avoir téléchargé mais la fenêtre s'affiche dès l'ouverture de ma session et me demande de le télécharger.
J'ai bien lu les autres mails concernant ce sujet, aussi je vous poste ci-après mon log de hijack.
2/friend, enfin je crois qu'il s'agit de cela. En fait depuis que j'ai attrapé cela, sur toutes mes pages web, certains mots sont transformés en lien publicitaire.
Bien sur, tout ca ralentit fréquemment mon pc et parfois il arrive que cela crée des erreurs qui entrainent l'extinction pure et simple de mon pc.
J'ai deja utilisé ad aware, spy bot mais sans succès... Merci pour votre aide.
Voici mon log:
Logfile of HijackThis v1.99.1
Scan saved at 18:14:59, on 23/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Documents and Settings\alex\Bureau\Raccourcis Bureau non utilisés\yz_dck0083\YzDock.exe
C:\WINDOWS\system32\Weather.exe
C:\PROGRA~1\Logitech\Video\FxSvr2.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\alex\LOCALS~1\Temp\Rar$EX00.734\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8F9C34CF-0682-A597-B463-26839195ADF1} - C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NetPumper] "C:\Program Files\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe"
O4 - HKLM\..\Run: [LiteChinVgaFlaw] C:\Documents and Settings\All Users\Application Data\KEEPBALLLITECHIN\SignInside.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] rofl.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Type mp3] C:\DOCUME~1\alex\APPLIC~1\FragWin\DrvMagsGrey.exe
O4 - Startup: Raccourci vers YzDock.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm185XXUS
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: TypePad QuickPost - https://www.typepad.com/t/app?__mode=reg_qp_js&qp_show=tb,ca,ac,ap&qp_height=735
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {1B3E3251-658E-4F03-8881-68302FE3CE9E} - http://www.friend.fr/friend/Friend2005-01.xms
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095283449015
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/604485.exe
O18 - Protocol: bw+0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Navigation étendue et définition (Connexion dictionnaire) - Friend ® - C:\WINDOWS\system32\Weather.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Je ne m'y connais pas beaucoup en informatique, c'est la raison pour laquelle je fais appel à vous, Ô grands sachants du milieu informatique!!
Je suis sous windows XP et j'ai deux problèmes (au moins!!)
1/ winfixer 2005 que je ne pense pas avoir téléchargé mais la fenêtre s'affiche dès l'ouverture de ma session et me demande de le télécharger.
J'ai bien lu les autres mails concernant ce sujet, aussi je vous poste ci-après mon log de hijack.
2/friend, enfin je crois qu'il s'agit de cela. En fait depuis que j'ai attrapé cela, sur toutes mes pages web, certains mots sont transformés en lien publicitaire.
Bien sur, tout ca ralentit fréquemment mon pc et parfois il arrive que cela crée des erreurs qui entrainent l'extinction pure et simple de mon pc.
J'ai deja utilisé ad aware, spy bot mais sans succès... Merci pour votre aide.
Voici mon log:
Logfile of HijackThis v1.99.1
Scan saved at 18:14:59, on 23/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Documents and Settings\alex\Bureau\Raccourcis Bureau non utilisés\yz_dck0083\YzDock.exe
C:\WINDOWS\system32\Weather.exe
C:\PROGRA~1\Logitech\Video\FxSvr2.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\alex\LOCALS~1\Temp\Rar$EX00.734\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8F9C34CF-0682-A597-B463-26839195ADF1} - C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NetPumper] "C:\Program Files\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe"
O4 - HKLM\..\Run: [LiteChinVgaFlaw] C:\Documents and Settings\All Users\Application Data\KEEPBALLLITECHIN\SignInside.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] rofl.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Type mp3] C:\DOCUME~1\alex\APPLIC~1\FragWin\DrvMagsGrey.exe
O4 - Startup: Raccourci vers YzDock.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm185XXUS
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: TypePad QuickPost - https://www.typepad.com/t/app?__mode=reg_qp_js&qp_show=tb,ca,ac,ap&qp_height=735
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {1B3E3251-658E-4F03-8881-68302FE3CE9E} - http://www.friend.fr/friend/Friend2005-01.xms
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095283449015
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/604485.exe
O18 - Protocol: bw+0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Navigation étendue et définition (Connexion dictionnaire) - Friend ® - C:\WINDOWS\system32\Weather.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
A voir également:
- Winfixer 2005 + friend
- Money 2005 - Télécharger - Comptabilité & Facturation
- Facebook friend mapper - Télécharger - Vie quotidienne
- Mai friend - Guide
- Archives résultats bac 2005 ✓ - Forum Réseaux sociaux
- Adult friend - Forum Vos droits sur internet
10 réponses
salut
commences par désinstaller Net Pumper et MSN-PLUS
par Démarrer/panneauConfig/ajoutSuppressionProgrammes
a+
commences par désinstaller Net Pumper et MSN-PLUS
par Démarrer/panneauConfig/ajoutSuppressionProgrammes
a+
merci pour ta promptitude! (-;
j'ai bien désinstallé msn plus, par contre je ne trouve pas net pumper dans les programmes.
Que fais je?
j'ai bien désinstallé msn plus, par contre je ne trouve pas net pumper dans les programmes.
Que fais je?
re
0. Installe ce nettoyeur CCLEANER http://www.ccleaner.com/ ou là http://www.ccleaner.com/ccdownload.asp (choisir un lien) ou bien direct là http://www.filehippo.com/download_ccleaner.html
ensuite
*Configure ton ordi pour tous scan à exécuter complétement, il faut pouvoir scanner tous les dossiers caché et système donc faire :
Démarrer/PanneauConfiguration/OptionsDossiers /ongletAffichage et là cocher les lignes
- afficher les fichiers et dossier cachés
- afficher contenu dossier système
décocher
- masquer fichiers protégés du dossier système
Puis cliquer APPLIQUER à TOUS les Dossiers
Lances cet utilitaire LSP-FIX là http://www.cexx.org/lspfix.htm
1. Tu connais ça ? non, alors vérifie (cliq droit souris/propriété) si inconnu ZIP compresse le fichier et efface le .EXE (sinon à vérifier là http://virusscan.jotti.org/ fichier par fichier Parcourir puis SEND lance ce multiple scanneur antivirus)
C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe > ??
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe" >> ??
2. Relances Hijackthis et coche (puis FIX)
O2 - BHO: (no name) - {8F9C34CF-0682-A597-B463-26839195ADF1} - C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe
O4 - HKLM\..\Run: [NetPumper] "C:\Program Files\NetPumper\NetPumperIEProxy.exe" > si encore là
O4 - HKCU\..\Run: [Win32 USB2 Driver] rofl.exe
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe"
O4 - Startup: Raccourci vers YzDock.exe.lnk = ? > tu connais sinon coche
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll > tous les O10
O16 > cocher tout
3. Effacer ces programmes .EXE ( et à la fin vider la corbeille)
C:\Program Files\NetPumper\ > effacer tout le répertoire si encore là
C : … rofl.exe
C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe > si inconnu ou méchant
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe" > effacer si méchant
C :Document&Setting/…. YzDock.exe.lnk à rechercher et effacer si inconnu de toi (application de office ?)
c:\windows\system32\msvrl.dll
5. vider les répertoires temps et la corbeille, en lançant Ccleaner
Refais un hijackthis de contrôle
a+
0. Installe ce nettoyeur CCLEANER http://www.ccleaner.com/ ou là http://www.ccleaner.com/ccdownload.asp (choisir un lien) ou bien direct là http://www.filehippo.com/download_ccleaner.html
ensuite
*Configure ton ordi pour tous scan à exécuter complétement, il faut pouvoir scanner tous les dossiers caché et système donc faire :
Démarrer/PanneauConfiguration/OptionsDossiers /ongletAffichage et là cocher les lignes
- afficher les fichiers et dossier cachés
- afficher contenu dossier système
décocher
- masquer fichiers protégés du dossier système
Puis cliquer APPLIQUER à TOUS les Dossiers
Lances cet utilitaire LSP-FIX là http://www.cexx.org/lspfix.htm
1. Tu connais ça ? non, alors vérifie (cliq droit souris/propriété) si inconnu ZIP compresse le fichier et efface le .EXE (sinon à vérifier là http://virusscan.jotti.org/ fichier par fichier Parcourir puis SEND lance ce multiple scanneur antivirus)
C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe > ??
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe" >> ??
2. Relances Hijackthis et coche (puis FIX)
O2 - BHO: (no name) - {8F9C34CF-0682-A597-B463-26839195ADF1} - C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe
O4 - HKLM\..\Run: [NetPumper] "C:\Program Files\NetPumper\NetPumperIEProxy.exe" > si encore là
O4 - HKCU\..\Run: [Win32 USB2 Driver] rofl.exe
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe"
O4 - Startup: Raccourci vers YzDock.exe.lnk = ? > tu connais sinon coche
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll > tous les O10
O16 > cocher tout
3. Effacer ces programmes .EXE ( et à la fin vider la corbeille)
C:\Program Files\NetPumper\ > effacer tout le répertoire si encore là
C : … rofl.exe
C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe > si inconnu ou méchant
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe" > effacer si méchant
C :Document&Setting/…. YzDock.exe.lnk à rechercher et effacer si inconnu de toi (application de office ?)
c:\windows\system32\msvrl.dll
5. vider les répertoires temps et la corbeille, en lançant Ccleaner
Refais un hijackthis de contrôle
a+
excuse moi mais j'ai décroché dès la première étape!
étape 0, OK
j'ai LSP Fix (tableau) qui me demande si je veux conserver ou dégager:
mswsock.dll
winrnr.dll
Msvrl.dll
rsvpsp.dll
je fais quoi?
sinon je comprend pas tout dans l'étape 1, je vais sur le lien que tu m'as indiqué (http://virusscan.jotti.org/) mais après je fais quoi?
merci pour ta patience...
étape 0, OK
j'ai LSP Fix (tableau) qui me demande si je veux conserver ou dégager:
mswsock.dll
winrnr.dll
Msvrl.dll
rsvpsp.dll
je fais quoi?
sinon je comprend pas tout dans l'étape 1, je vais sur le lien que tu m'as indiqué (http://virusscan.jotti.org/) mais après je fais quoi?
merci pour ta patience...
salut
avec lpsfix il faut faire ceci
Tu le lances.
Tu coches "I know what I'm doing"
Tu fais passer dans "remove" tout ce qui a trait à msvrl.dll
Et surtout rien d'autre!
Tu cliques "finish".
avec lpsfix il faut faire ceci
Tu le lances.
Tu coches "I know what I'm doing"
Tu fais passer dans "remove" tout ce qui a trait à msvrl.dll
Et surtout rien d'autre!
Tu cliques "finish".
une fois que je suis sur http://virusscan.jotti.org/, je fais quoi? j'ai rentré les deux fichiers que tu m'as indiqué (C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe > ?? et
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe" >> ?? ) car si j'ai bien compris, je dois les scanner grace a ce site mais quand je fais submit j'ai ce message qui s'affiche: The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe" >> ?? ) car si j'ai bien compris, je dois les scanner grace a ce site mais quand je fais submit j'ai ce message qui s'affiche: The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ok parfais alors tu les recherches et effaces
tu peux cocher les lignes correspondantes dans HJ et faire FIX
a+
tu peux cocher les lignes correspondantes dans HJ et faire FIX
a+
j'ai recherché les deux fichiers
C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe > ??
j'ai bien trouvé BODY.exe
j'ai essayé de le supprimer mais un message m'indique qu'il est "impossible de supprimer 1 BODY: accès refusé. Vérifiez que le disque n'est pas plein ou protégé en écriture et que le fichier n'est pas utilisé actuellement"
Alors j'ai essayé de suivre ce que tu m'as indiqué, j'ai essayé de le compresser, pas possible. J'ai viré le .exe et du coup c'est devenu un fichier dont jai modifié lextension donc non utilisable... j'ai fait une betise peut etre? quoiqu il en soit, je ne peux pas le supprimer non plus;
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe" >> ??
je ne parviens pas à trouver ce fichier, ma recherche s'arrete dans le dossier Downloaded prog files
par contre dans ce dossier j'ai un fichier de type control active X dont le code base est:http://www.friend.fr/friend/Friend2005-01.xms il y a un rapport avec friend je pense??
C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe > ??
j'ai bien trouvé BODY.exe
j'ai essayé de le supprimer mais un message m'indique qu'il est "impossible de supprimer 1 BODY: accès refusé. Vérifiez que le disque n'est pas plein ou protégé en écriture et que le fichier n'est pas utilisé actuellement"
Alors j'ai essayé de suivre ce que tu m'as indiqué, j'ai essayé de le compresser, pas possible. J'ai viré le .exe et du coup c'est devenu un fichier dont jai modifié lextension donc non utilisable... j'ai fait une betise peut etre? quoiqu il en soit, je ne peux pas le supprimer non plus;
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe" >> ??
je ne parviens pas à trouver ce fichier, ma recherche s'arrete dans le dossier Downloaded prog files
par contre dans ce dossier j'ai un fichier de type control active X dont le code base est:http://www.friend.fr/friend/Friend2005-01.xms il y a un rapport avec friend je pense??
re
pour effacer suit ceci
effaceur Hijackthis
ouvrir Hijackthis là en bas droite CONFIG puis onglet MISCtools, là « Delete a file on reboot », cliq dessus et suivre chemin de fichier à effacer, il indique alors « voulez-vous redémarrer maintenant », cliq sur NON si d’autres fichiers sont à sélectionner et à nouveau « Delete a file on reboot » .. puis cliq OUI quand tous les fichiers sont sélectionnés
pour l'autre vérifie ta config fichier caché etc:
Configure ton ordi pour tous scan à exécuter complétement, il faut pouvoir scanner tous les dossiers caché et système donc faire :
Démarrer/PanneauConfiguration/OptionsDossiers /ongletAffichage et là cocher les lignes
- afficher les fichiers et dossier cachés
- afficher contenu dossier système
décocher
- masquer fichiers protégés du dossier système
Puis cliquer APPLIQUER à TOUS les Dossiers
a+
pour effacer suit ceci
effaceur Hijackthis
ouvrir Hijackthis là en bas droite CONFIG puis onglet MISCtools, là « Delete a file on reboot », cliq dessus et suivre chemin de fichier à effacer, il indique alors « voulez-vous redémarrer maintenant », cliq sur NON si d’autres fichiers sont à sélectionner et à nouveau « Delete a file on reboot » .. puis cliq OUI quand tous les fichiers sont sélectionnés
pour l'autre vérifie ta config fichier caché etc:
Configure ton ordi pour tous scan à exécuter complétement, il faut pouvoir scanner tous les dossiers caché et système donc faire :
Démarrer/PanneauConfiguration/OptionsDossiers /ongletAffichage et là cocher les lignes
- afficher les fichiers et dossier cachés
- afficher contenu dossier système
décocher
- masquer fichiers protégés du dossier système
Puis cliquer APPLIQUER à TOUS les Dossiers
a+
pour le premier fichier, c'est ok, il est effacé
par contre je ne trouve toujours pas le deuxieme malgré la configuration que tu m'indiques. Cependant, tu me dis de décocher "masquer fichiers protégés du dossier système" et moi c'est indiqué "masquer les fichiers protégés du système d'exploitation (recommandé)", c'est bien la même chose?
si c'est le cas, je ne trouve pas ce fichier.
par contre je ne trouve toujours pas le deuxieme malgré la configuration que tu m'indiques. Cependant, tu me dis de décocher "masquer fichiers protégés du dossier système" et moi c'est indiqué "masquer les fichiers protégés du système d'exploitation (recommandé)", c'est bien la même chose?
si c'est le cas, je ne trouve pas ce fichier.
ok le voici chef!
Logfile of HijackThis v1.99.1
Scan saved at 20:42:11, on 23/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Documents and Settings\alex\Bureau\Raccourcis Bureau non utilisés\yz_dck0083\YzDock.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\alex\LOCALS~1\Temp\Rar$EX00.687\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8F9C34CF-0682-A597-B463-26839195ADF1} - C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NetPumper] "C:\Program Files\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe"
O4 - HKLM\..\Run: [LiteChinVgaFlaw] C:\Documents and Settings\All Users\Application Data\KEEPBALLLITECHIN\SignInside.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] rofl.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Type mp3] C:\DOCUME~1\alex\APPLIC~1\FragWin\DrvMagsGrey.exe
O4 - Startup: Raccourci vers YzDock.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm185XXUS
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: TypePad QuickPost - https://www.typepad.com/t/app?__mode=reg_qp_js&qp_show=tb,ca,ac,ap&qp_height=735
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {1B3E3251-658E-4F03-8881-68302FE3CE9E} - http://www.friend.fr/friend/Friend2005-01.xms
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095283449015
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/604485.exe
O18 - Protocol: bw+0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - 0 - (no file)
O18 - Protocol: offline-8876480 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Navigation étendue et définition (Connexion dictionnaire) - Friend ® - C:\WINDOWS\system32\Weather.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Logfile of HijackThis v1.99.1
Scan saved at 20:42:11, on 23/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Documents and Settings\alex\Bureau\Raccourcis Bureau non utilisés\yz_dck0083\YzDock.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\alex\LOCALS~1\Temp\Rar$EX00.687\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8F9C34CF-0682-A597-B463-26839195ADF1} - C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NetPumper] "C:\Program Files\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe"
O4 - HKLM\..\Run: [LiteChinVgaFlaw] C:\Documents and Settings\All Users\Application Data\KEEPBALLLITECHIN\SignInside.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] rofl.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Type mp3] C:\DOCUME~1\alex\APPLIC~1\FragWin\DrvMagsGrey.exe
O4 - Startup: Raccourci vers YzDock.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm185XXUS
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: TypePad QuickPost - https://www.typepad.com/t/app?__mode=reg_qp_js&qp_show=tb,ca,ac,ap&qp_height=735
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {1B3E3251-658E-4F03-8881-68302FE3CE9E} - http://www.friend.fr/friend/Friend2005-01.xms
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095283449015
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/604485.exe
O18 - Protocol: bw+0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - 0 - (no file)
O18 - Protocol: offline-8876480 - {256D212B-C621-4158-91A1-48CF08710763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Navigation étendue et définition (Connexion dictionnaire) - Friend ® - C:\WINDOWS\system32\Weather.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
re
aie ou bien tu en as oublié ou bien ça revient
C:… rofl.exe > tu as vérifié??
2. Relances Hijackthis et coche (puis FIX)
O2 - BHO: (no name) - {8F9C34CF-0682-A597-B463-26839195ADF1} - C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe (file missing)
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe"
O4 - HKCU\..\Run: [Win32 USB2 Driver] rofl.exe > si méchant??
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm185XXUS
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O16 - DPF: {1B3E3251-658E-4F03-8881-68302FE3CE9E} - http://www.friend.fr/friend/Friend2005-01.xms
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/604485.exe
3. Effacer ces programmes .EXE ( et à la fin vider la corbeille)
C:\Program Files\NetPumper\ > tout le repertoire
C:… rofl.exe > si méchant
relance ccleaner
a+
aie ou bien tu en as oublié ou bien ça revient
C:… rofl.exe > tu as vérifié??
2. Relances Hijackthis et coche (puis FIX)
O2 - BHO: (no name) - {8F9C34CF-0682-A597-B463-26839195ADF1} - C:\DOCUME~1\alex\APPLIC~1\GREATF~1\1 BODY.exe (file missing)
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5V_0001_LPNetInstaller.exe"
O4 - HKCU\..\Run: [Win32 USB2 Driver] rofl.exe > si méchant??
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm185XXUS
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O16 - DPF: {1B3E3251-658E-4F03-8881-68302FE3CE9E} - http://www.friend.fr/friend/Friend2005-01.xms
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/604485.exe
3. Effacer ces programmes .EXE ( et à la fin vider la corbeille)
C:\Program Files\NetPumper\ > tout le repertoire
C:… rofl.exe > si méchant
relance ccleaner
a+
et bernie,
c'est lop donc même si tu fixes ça va revenir, car au prochain demarrage il se regenerent .
Faudrait charger:
1)
telecharge lopxp ici:
http://cjoint.com/?kumvZSxxY4
2) dezippe le (clic droit dessus > extraire tout)
et lance lopxp.bat
le bloc note va s'ouvrir, copie et colle le contenu ici le rapport
si tu me permets bien sûr.
Jean
c'est lop donc même si tu fixes ça va revenir, car au prochain demarrage il se regenerent .
Faudrait charger:
1)
telecharge lopxp ici:
http://cjoint.com/?kumvZSxxY4
2) dezippe le (clic droit dessus > extraire tout)
et lance lopxp.bat
le bloc note va s'ouvrir, copie et colle le contenu ici le rapport
si tu me permets bien sûr.
Jean
re
pas grand chose à faire pour éviter les pbm:
faire mise à jour de:
- windows,
- antivirus
- firewall
- antispy (spybotS&D et Adaware de Lavasoft)
- antitrojan (a2 ou ewido)
et faire scan régulier (1x par semaine si tu surf beaucoup)
vider les répertoire temp, corbeille,
et surtout ne pas cliquer sur n'importe quel émail et fichier attaché
ou pas de surf sur émule , sherazza, etc
a+
pas grand chose à faire pour éviter les pbm:
faire mise à jour de:
- windows,
- antivirus
- firewall
- antispy (spybotS&D et Adaware de Lavasoft)
- antitrojan (a2 ou ewido)
et faire scan régulier (1x par semaine si tu surf beaucoup)
vider les répertoire temp, corbeille,
et surtout ne pas cliquer sur n'importe quel émail et fichier attaché
ou pas de surf sur émule , sherazza, etc
a+
