Spyware resistant to Ewido and more (bowsela.dll)

Solved/Closed
olivier - 28 Dec. 2005 at 15:37
 moi - 5 Jan. 2006 at 14:42
Hi,
I have a machine with 3 resistant pieces of spyware, the main one being a Downloader.def.oea hidden in browsela.dll
The second is in alt.exe and the third in adsldbdp.dll
Whether with anti spy, Ewido, smitrem or hijackthis, they are detected and the removal goes fine (in safe mode), but they come right back.

If anyone has a trick for getting rid of this thing, that would be nice
18 replies

incognito02 Posts 3487 Registration date Friday 28 October 2005 Status Contributor Last activity 17 August 2008 138
28 Dec. 2005 at 17:16
Hello Olivier,

if you used smitrem, does that mean you are not on win xp?

Have you tried Spybot and adaware in safe mode?

See you
0
Hello

To eliminate bowsela.dll I first started windows XP in safe mode, then ran Norton's virus scan (or another one) and eliminated all the "threats" (they were mainly in the Recycler [a hidden folder in windows explorer]). Then restart windows normally.

The bowsela.dll file is activated by the system reinstallation files. You have to disable system reinstallation in the "system manager". All the reinstallation files will be deleted and bowsela.dll no longer appears.
0
I am on Windows XP, which does not bother Smitrem when running in safe mode, apart from some links it cannot find
From there Ewido finds them and the removal goes through; after the reboot they reappear. Ad aware does not see it and the fix in HiJackThis does nothing
0
incognito02 Posts 3487 Registration date Friday 28 October 2005 Status Contributor Last activity 17 August 2008 138
28 Dec. 2005 at 18:06
Olivier,

Make a new hijackthis log and post it on the forum, we will try to find what is wrong.

See you

0
olafarge Posts 7 Registration date Wednesday 28 December 2005 Status Member Last activity 31 December 2005
28 Dec. 2005 at 18:15
I am not on the machine concerned, but the launch of the DLL browsela.dll does indeed show up in 020
that is for the main one
right now I am trying spyware doctor, which has detected a whole bunch of them
0

olafarge Posts 7 Registration date Wednesday 28 December 2005 Status Member Last activity 31 December 2005
28 Dec. 2005 at 18:18
Logfile of HijackThis v1.99.1
Scan saved at 16:08:13, on 28/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Pascal\Bureau\AntiSPy\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9Dzn13Emww/YwLe98kRA1QsBxXT9F7fCFWdUBgSpDQPVHwBB3ffdt3jggSbm4LQawJbDcJJZezn7VK06suhsqcmGcmUbCNR4eEBzT18xtukzi
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0167a6d9eacfbade4006/netzip/RdxIE601_fr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: bw+0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: browsela - C:\WINDOWS\system32\browsela.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe
0
incognito02 Posts 3487 Registration date Friday 28 October 2005 Status Contributor Last activity 17 August 2008 138
28 Dec. 2005 at 18:24
try to get the log to us, it will be easier to help you.

See you

0
incognito02 Posts 3487 Registration date Friday 28 October 2005 Status Contributor Last activity 17 August 2008 138
28 Dec. 2005 at 18:25
is this a log from normal mode or from safe mode?
0
olafarge Posts 7 Registration date Wednesday 28 December 2005 Status Member Last activity 31 December 2005
28 Dec. 2005 at 18:34
in safe mode
0
incognito02 Posts 3487 Registration date Friday 28 October 2005 Status Contributor Last activity 17 August 2008 138
28 Dec. 2005 at 18:40
make a new log in normal mode, otherwise we do not see everything.

Good luck.

See you

0
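An added example (not part of the original thread, and not HijackThis code): a small Python parser that compares a safe-mode and a normal-mode HijackThis log and lists the session autostart entries (O2, O4, O20) that load a file straight from the Windows directory. The sample lines are copied from the two logs posted in this thread; the function names and the Windows-directory heuristic are assumptions of this example.

```python
import ntpath
import re
from typing import List, NamedTuple, Tuple


class Entry(NamedTuple):
    code: str   # HijackThis section code, e.g. "O20"
    text: str   # rest of the line after "CODE - "


# Sample lines copied from the two logs posted in this thread (trimmed).
SAFE_MODE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O20 - Winlogon Notify: browsela - C:\WINDOWS\system32\browsela.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
"""

NORMAL_MODE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: C:\WINDOWS\adsldpbf.dll - {EEE7178C-BBC3-4153-9DDE-CD0E9AB1B5B6} - C:\WINDOWS\adsldpbf.dll
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [AlexaToolbar] C:\WINDOWS\alt.exe
O20 - Winlogon Notify: browsela - C:\WINDOWS\system32\browsela.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
"""

# A log entry is "<letter><number> - <text>"; process paths and headers do not match.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# A drive-letter path ending in .dll or .exe (stops at a closing quote).
FILE_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:dll|exe)\b', re.IGNORECASE)

# Sections that load code into the user's session at logon or browser start.
# O23 (services) is left out here because legitimate drivers live in system32.
SESSION_AUTOSTART = {"O2", "O4", "O20"}
# Assumption of this example: Windows is installed in C:\WINDOWS, as in the logs.
WINDOWS_DIRS = {r"c:\windows", r"c:\windows\system32"}


def parse_log(text: str) -> List[Entry]:
    """Return the registry/autostart entries of a HijackThis log, in order."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2)))
    return entries


def only_in_normal(safe: List[Entry], normal: List[Entry]) -> List[Entry]:
    """Entries present in the normal-mode log but absent from the safe-mode one."""
    seen = set(safe)
    return [e for e in normal if e not in seen]


def flag_windows_dir_autostarts(entries: List[Entry]) -> List[Tuple[Entry, str]]:
    """Heuristic: session autostarts whose file sits directly in the Windows dirs."""
    flagged = []
    for e in entries:
        if e.code not in SESSION_AUTOSTART:
            continue
        paths = FILE_RE.findall(e.text)
        if not paths:
            continue
        path = paths[-1]  # the last path on the line is the file actually loaded
        if ntpath.dirname(path).lower() in WINDOWS_DIRS:
            flagged.append((e, path))
    return flagged


if __name__ == "__main__":
    safe, normal = parse_log(SAFE_MODE_LOG), parse_log(NORMAL_MODE_LOG)
    print("Only visible in normal mode:")
    for e in only_in_normal(safe, normal):
        print("  ", e.code, "-", e.text)
    print("Session autostarts loading from the Windows directory:")
    for e, path in flag_windows_dir_autostarts(normal):
        print("  ", e.code, path)
```

A flagged entry is only a lead for review, not a verdict: the heuristic knows nothing about the file itself.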
olafarge Posts 7 Registration date Wednesday 28 December 2005 Status Member Last activity 31 December 2005
29 Dec. 2005 at 13:04
XP in normal mode:
Logfile of HijackThis v1.99.1
Scan saved at 12:59:28, on 29/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Pascal\Bureau\AntiSPy\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9Dzn13Emww/YwLe98kRA1QsBxXT9F7fCFWdUBgSpDQPVHwBB3ffdt3jggSbm4LQawJbDcJJZezn7VK06suhsqcmGcmUbCNR4eEBzT18xtukzi
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: C:\WINDOWS\adsldpbf.dll - {EEE7178C-BBC3-4153-9DDE-CD0E9AB1B5B6} - C:\WINDOWS\adsldpbf.dll
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [AlexaToolbar] C:\WINDOWS\alt.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0167a6d9eacfbade4006/netzip/RdxIE601_fr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: bw+0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: browsela - C:\WINDOWS\system32\browsela.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe
0
incognito02 Posts 3487 Registration date Friday 28 October 2005 Status Contributor Last activity 17 August 2008 138
29 Dec. 2005 at 13:29
Hello,

Download lopxp here:

http://pageperso.aol.fr/balltrap34/lopxp.zip (Thanks Moe31 and Balltrap34)

2) Unzip it (right-click on it > Extract all)
and run lopxp.bat.
Notepad will open; copy and paste its contents here.

See you,


0
olafarge Posts 7 Registration date Wednesday 28 December 2005 Status Member Last activity 31 December 2005
29 Dec. 2005 at 15:54
Rapport fait à 15:51:00,65 le 29/12/2005

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D047-3B08

Répertoire de C:\Documents and Settings\Administrateur\Application Data

27/12/2005 14:25 62 desktop.ini
27/12/2005 14:25 <REP> Adobe
27/12/2005 14:25 <REP> Identities
27/12/2005 14:25 <REP> InterTrust
27/12/2005 14:25 <REP> InterVideo
27/12/2005 14:25 <REP> ..
27/12/2005 14:25 <REP> Microsoft
27/12/2005 14:25 <REP> .
1 fichier(s) 62 octets
7 Rép(s) 63395303424 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D047-3B08

Répertoire de C:\Documents and Settings\All Users\Application Data

02/12/2005 19:56 <REP> Windows Genuine Advantage
12/10/2005 12:40 <REP> Messenger Plus!
02/08/2005 08:57 3380 QTSBandwidthCache
24/04/2005 16:32 <REP> Apple Computer
12/03/2005 15:37 <REP> Spybot - Search & Destroy
09/11/2003 17:02 <REP> OLYMPUS
09/11/2003 15:55 <REP> QuickTime
27/10/2003 15:09 <REP> MSN6
25/10/2003 17:01 <REP> Canon
02/05/2003 11:00 62 desktop.ini
02/05/2003 10:59 <REP> Microsoft
02/05/2003 10:59 <REP> ..
02/05/2003 10:59 <REP> .
02/05/2003 10:18 <REP> SBSI
2 fichier(s) 3442 octets
12 Rép(s) 63395299328 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D047-3B08

Répertoire de C:\Documents and Settings\Béatrice\Application Data

13/10/2005 09:32 <REP> HbTools
02/06/2005 14:49 <REP> Macromedia
01/05/2005 19:36 <REP> Apple Computer
03/04/2005 19:22 <REP> Real
28/05/2004 10:37 <REP> Help
24/11/2003 03:17 73176 GDIPFONTCACHEV1.DAT
09/11/2003 03:29 <REP> Template
27/10/2003 15:09 <REP> MSN6
25/10/2003 16:55 62 desktop.ini
25/10/2003 16:55 <REP> InterTrust
25/10/2003 16:55 <REP> Adobe
25/10/2003 16:55 <REP> Identities
25/10/2003 16:55 <REP> InterVideo
25/10/2003 16:55 <REP> ..
25/10/2003 16:55 <REP> .
25/10/2003 16:55 <REP> Microsoft
2 fichier(s) 73238 octets
14 Rép(s) 63395299328 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D047-3B08

Répertoire de C:\Documents and Settings\Default User\Application Data

25/10/2003 16:54 <REP> InterTrust
25/10/2003 16:54 <REP> Adobe
25/10/2003 16:54 <REP> InterVideo
02/05/2003 11:00 62 desktop.ini
02/05/2003 10:59 <REP> Microsoft
02/05/2003 10:59 <REP> ..
02/05/2003 10:59 <REP> .
02/05/2003 10:08 <REP> Identities
1 fichier(s) 62 octets
7 Rép(s) 63395299328 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D047-3B08

Répertoire de C:\Documents and Settings\Pascal\Application Data

28/12/2005 17:17 <REP> PC Tools
11/12/2005 17:36 <REP> Google
07/10/2005 17:16 <REP> FotoWire
30/05/2005 19:23 <REP> Chessmaster Challenge
24/04/2005 16:33 <REP> Apple Computer
01/04/2005 10:08 <REP> Real
09/03/2005 17:48 <REP> Macromedia
24/08/2004 08:10 <REP> Help
12/11/2003 14:12 <REP> MSN6
02/11/2003 21:34 <REP> Template
26/10/2003 14:00 62 desktop.ini
26/10/2003 14:00 <REP> Adobe
26/10/2003 14:00 <REP> Identities
26/10/2003 14:00 <REP> InterVideo
26/10/2003 14:00 <REP> InterTrust
26/10/2003 14:00 <REP> ..
26/10/2003 14:00 <REP> .
26/10/2003 14:00 <REP> Microsoft
1 fichier(s) 62 octets
17 Rép(s) 63395295232 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D047-3B08

Répertoire de C:\Documents and Settings\René\Application Data

27/12/2005 18:23 <REP> Real
09/11/2003 16:07 62 desktop.ini
09/11/2003 16:07 <REP> Adobe
09/11/2003 16:07 <REP> InterTrust
09/11/2003 16:07 <REP> Identities
09/11/2003 16:07 <REP> InterVideo
09/11/2003 16:07 <REP> Microsoft
09/11/2003 16:07 <REP> .
09/11/2003 16:07 <REP> ..
1 fichier(s) 62 octets
8 Rép(s) 63395295232 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D047-3B08

Répertoire de C:\WINDOWS\Tasks

02/05/2003 11:52 65 desktop.ini
02/05/2003 10:07 6 SA.DAT
02/05/2003 10:05 <REP> ..
02/05/2003 10:05 <REP> .
2 fichier(s) 71 octets
2 Rép(s) 63 395 295 232 octets libres

******************************************
Recherche dans Program files

Le dossier C:\Program Files\C2Media n'existe pas

*************** Fin du rapport ****************
0
incognito02 Posts 3487 Registration date Friday 28 October 2005 Status Contributor Last activity 17 August 2008 138
29 Dec. 2005 at 16:41
Next steps,

Print this, or save it in Notepad, so you don't forget anything.

Disable System Restore:
Right-click My Computer > Properties > System Restore tab,
then check "Turn off System Restore".

Then reboot the PC normally (not in safe mode).

1/

Download process xp here:
http://www.sysinternals.com/files/procexpnt.zip

Download Pocket Killbox here:
http://www.downloads.subratam.org/KillBox.exe

For the duration of the procedure, disable Spybot's Tea Timer if you have it:
launch Spybot > Advanced mode > Tools >> Resident
Uncheck the "Tea Timer" resident box
Close Spybot

2/

Disconnect from the internet.
Close all running programs (media player, Internet Explorer, etc.)

Unzip (right-click > Extract) process xp and double-click processxp.exe

* In the main processxp window, double-click winlogon.exe
In the new window that opens, click Threads
Select only the lines that contain browsela.dll, then click Kill for each of the lines found.
Once done, confirm with OK

* In the main processxp window, double-click explorer.exe
In the new window that opens, click Threads
Select only the lines that contain browsela.dll, then click Kill for each of the lines found.
Once done, confirm with OK


3/

Then launch HijackThis:

Click "do a system scan only"

* Check the box at the start of these lines:

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9Dzn13Emww/YwLe98kRA1QsBxXT9F7fCFWdUBgSpDQPVHwBB3ffdt3jggSbm4LQawJbDcJJZezn7VK06suhsqcmGcmUbCNR4eEBzT18xtukzi


O2 - BHO: C:\WINDOWS\adsldpbf.dll - {EEE7178C-BBC3-4153-9DDE-CD0E9AB1B5B6} - C:\WINDOWS\adsldpbf.dll

O4 - HKCU\..\Run: [AlexaToolbar] C:\WINDOWS\alt.exe

O20 - Winlogon Notify: browsela - C:\WINDOWS\system32\browsela.dll


* Confirm with Fix checked


5/

Double-click killbox.exe (Pocket Killbox)

- check: Delete on reboot
- In "Full Path of File to Delete"
copy and paste (or browse for it with Explorer):

C:\WINDOWS\system32\browsela.dll

- click the red cross
- a confirmation window will appear; click YES
- a second window asks whether you want to restart; click YES

Let the PC restart

and afterwards post a new HijackThis log.

See you,

0
olafarge Posts 7 Registration date Wednesday 28 December 2005 Status Member Last activity 31 December 2005
30 Dec. 2005 at 10:22
Logfile of HijackThis v1.99.1
Scan saved at 10:18:02, on 30/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Documents and Settings\Pascal\Bureau\AntiSPy\HijackThis.exe
C:\Program Files\Logitech\Video\AlbumDB2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0167a6d9eacfbade4006/netzip/RdxIE601_fr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: bw+0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {152437DA-76F3-4662-8CD0-3BB69E3C489D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe
0
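The procedure above ends by asking for a fresh HijackThis log to confirm that the fixed entries did not come back after the reboot. As an added example (not part of the thread and not code from HijackThis), this Python script automates that comparison: it parses HijackThis entry lines, checks whether any fixed entry is still present, and checks whether any targeted file is still referenced anywhere in the later log, including under a different autostart key. The function names are assumptions of this example; the sample logs are excerpts of lines posted in the thread, limited to the three file-backed entries of the fix list.

```python
import re
from typing import NamedTuple

# A HijackThis entry line is "<section> - <body>", e.g. "O20 - Winlogon Notify: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# First file path ending in .dll/.exe inside a line (paths may contain spaces).
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\n]*?\.(?:dll|exe)', re.IGNORECASE)

# Entries selected for "Fix checked" in the thread (file-backed ones only).
FIXED = r"""
O2 - BHO: C:\WINDOWS\adsldpbf.dll - {EEE7178C-BBC3-4153-9DDE-CD0E9AB1B5B6} - C:\WINDOWS\adsldpbf.dll
O4 - HKCU\..\Run: [AlexaToolbar] C:\WINDOWS\alt.exe
O20 - Winlogon Notify: browsela - C:\WINDOWS\system32\browsela.dll
"""

# Excerpt of the log posted after the reboot (lines taken from the thread).
AFTER = r"""
Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""


class Entry(NamedTuple):
    section: str  # HijackThis section code, e.g. "O20"
    body: str     # everything after "<section> - "


def parse_log(text):
    """Return the entry lines of a log, skipping the header and process list."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2).strip()))
    return entries


def target_files(entries):
    """Lower-cased base names of the files the given entries point at."""
    names = set()
    for e in entries:
        m = PATH_RE.search(e.body)
        if m:
            names.add(m.group(0).rsplit("\\", 1)[-1].lower())
    return names


def verify_cleanup(fixed_text, after_text):
    """Compare the fix list with a later log.

    Returns (still_present, still_referenced):
      still_present    - fixed entries that reappear unchanged in the later log
      still_referenced - targeted file names found anywhere in the later log,
                         e.g. in the process list or under another key
    """
    fixed = parse_log(fixed_text)
    after_keys = {(e.section, e.body.lower()) for e in parse_log(after_text)}
    still_present = [e for e in fixed if (e.section, e.body.lower()) in after_keys]
    haystack = after_text.lower()
    # Require the leading backslash so "alt.exe" does not match "default.exe".
    still_referenced = sorted(n for n in target_files(fixed) if "\\" + n in haystack)
    return still_present, still_referenced


if __name__ == "__main__":
    present, referenced = verify_cleanup(FIXED, AFTER)
    print("entries still present:", present)
    print("files still referenced:", referenced)
```

Two empty results mean the later log no longer shows the entries or their files; a non-empty `still_referenced` with an empty `still_present` points to the same file being loaded from a different place.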
Hi!
I have just gotten rid of the same problem!!! With Trojan Remover 6.4.5.... It detected browsela.dll right away and asked me what action I wanted to take. I chose to stop the file's activity. The program restarted and renamed (in c:\Windows\systeme32\browsela.dll) to browsela.dl$, and I was then able to delete it!

Good luck!!!!
0
Hi,
same problem with browsela.dll,
but where can I find Trojan Remover 6.4.5?
I only have 6.3.4.
0
olafarge Posts 7 Registration date Wednesday 28 December 2005 Status Member Last activity 31 December 2005
31 Dec. 2005 at 19:36
In fact, with the procedure given above by incognito02, I was indeed able to remove browsela, as well as ALT.EXE and ADSL....dll.
It works; you can follow the steps above with full confidence.
O.LAFARGE Solutions Informatiques Pour Tous
Thanks Incognito02; even with all my experience, I was completely out of my depth on this one.
0
Hello!
To fix this easily!
win32delfkil.exe.

2 minutes and everything is fixed!
0