Sujet Précédent Sujet Suivant

[besoin daide pour eliminer TR/Agent/CS/1]

Résolu/Fermé
mylene - 11 mars 2006 à 14:49
 Utilisateur anonyme - 11 mars 2006 à 18:43
Bonjour,

j'aurai besoin d'aide svp pour éliminer un trojan horse : TR/Agent.CS.1 .
Mon antivirus "Antivir" l'a détecté dans C:/Windows/msagent/intel/inetms.dll et il ne peut pas le supprimer et depuis un message d'alerte s'affiche continuellement quand j'ouvre internet explorer ou au demarage de mon ordinateur.

Logfile of HijackThis v1.99.1
Scan saved at 14:41:32, on 11/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sldwmhmcsxjaxnrbxgbjzippp.biz/B_4UnieS3vyIjCwTxqx4lLDzFWHZ5qp3movEe7IFdokNnF814X3TJ4svcJ7OgAIh.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/hautdebit
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://GLOBAL.ACER.COM/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\msagent\intl\inetms.dll
O2 - BHO: (no name) - {FE426EB8-7AEE-B064-5D35-D1C6A0CCF19A} - C:\PROGRA~1\MULTII~1\Settingsdog.exe (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [4W3G6DP46F6C52] C:\WINDOWS\system32\MtkO8q9.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s
O4 - HKCU\..\Run: [MessengerPlus3] "\" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O18 - Protocol: bw+0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: inetms - C:\WINDOWS\msagent\intl\inetms.dll
O20 - Winlogon Notify: sysmain - C:\WINDOWS\REGIST~1\sysmain.dll (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe
O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE

13 réponses

Réponse 1 / 13
Utilisateur anonyme
11 mars 2006 à 16:01
salut telecharge the killbox :

http://pageperso.aol.fr/Balltrap34/KillBox.exe
Double clic sur killbox.exe (Pocket Killbox)

- coche: delete on reboot
- Dans "Full Path of File to Delete"
copie et colle:

C:/Windows/msagent/intel/inetms.dll

- clique sur la croix rouge
- une fenêtre va apparaître pour confirmation clique sur YES
- une seconde fenêtre te demande si tu veux redémarrer clique sur YES . si ton ordi ne redemarre pas automatiquement redemare le manuelement

refait un hijack et colle le resultat ici

@++++++++
0
Réponse 2 / 13
mylene
11 mars 2006 à 16:34
Logfile of HijackThis v1.99.1
Scan saved at 16:32:33, on 11/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sldwmhmcsxjaxnrbxgbjzippp.biz/B_4UnieS3vyIjCwTxqx4lLDzFWHZ5qp3movEe7IFdokNnF814X3TJ4svcJ7OgAIh.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/hautdebit
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://GLOBAL.ACER.COM/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\msagent\intl\inetms.dll
O2 - BHO: (no name) - {FE426EB8-7AEE-B064-5D35-D1C6A0CCF19A} - C:\PROGRA~1\MULTII~1\Settingsdog.exe (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [4W3G6DP46F6C52] C:\WINDOWS\system32\MtkO8q9.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s
O4 - HKCU\..\Run: [MessengerPlus3] "\" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O18 - Protocol: bw+0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: inetms - C:\WINDOWS\msagent\intl\inetms.dll
O20 - Winlogon Notify: sysmain - C:\WINDOWS\REGIST~1\sysmain.dll (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe
O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE
0
Réponse 3 / 13
Utilisateur anonyme
11 mars 2006 à 16:51
télécharge : process xp ici:
http://www.sysinternals.com/files/procexpnt.zip


Déconnecte toi du net.
Ferme tous les programmes en cours (média player, internet explorer, ...etc)

Dézippe (clic droit > extraire) process xp et double clic sur processxp.exe

* Dans la fenêtre principale de processxp double clic sur winlogon.exe
Dans la nouvelle fenêtre qui s'ouvre clique sur threads
sélectionne seulement les lignes qui contiennent inetms.dll puis clique sur kill pour chacune des lignes trouvées.
une fois fait, valide avec ok

* Dans la fenêtre principale de processxp double clic sur explorer.exe
Dans la nouvelle fenêtre qui s'ouvre clique sur threads
sélectionner seulement les lignes qui contiennent inetms.dll puis clique sur kill pour chacune des lignes trouvées.
une fois fait, valide avec ok



puis lancer HijackThis:

clique sur "do a system scan only"

* Cocher la case au début de ces lignes:

O2 - BHO: ATLDistrib Object - {93C6313C-9DB4-4694-8BD0-E378C573A9AD} - C:\WINDOWS\system32\geeby.dll

O20 - Winlogon Notify: inetms - C:\WINDOWS\msagent\intl\inetms.dll

* Valider avec fix checked




Double clic sur killbox.exe (Pocket Killbox)

- coche: delete on reboot
- Dans "Full Path of File to Delete"
copie et colle:

C:/Windows/msagent/intel/inetms.dll

- clique sur la croix rouge
- une fenêtre va apparaître pour confirmation clique sur YES
- une seconde fenêtre te demande si tu veux redémarrer clique sur YES

Si ce message s’affiche ignore le :
http://tinypic.com/jsj7kl.jpg
Laisse le pc redémarrer ou redemarre manuellement s il le fait pas.
Et après reposte un log HijackThis.

@+++++++++++
0
Réponse 4 / 13
mylene
11 mars 2006 à 17:46
Logfile of HijackThis v1.99.1
Scan saved at 17:42:44, on 11/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sldwmhmcsxjaxnrbxgbjzippp.biz/B_4UnieS3vyIjCwTxqx4lLDzFWHZ5qp3movEe7IFdokNnF814X3TJ4svcJ7OgAIh.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/hautdebit
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://GLOBAL.ACER.COM/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {FE426EB8-7AEE-B064-5D35-D1C6A0CCF19A} - C:\PROGRA~1\MULTII~1\Settingsdog.exe (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [4W3G6DP46F6C52] C:\WINDOWS\system32\MtkO8q9.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s
O4 - HKCU\..\Run: [MessengerPlus3] "\" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O18 - Protocol: bw+0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: sysmain - C:\WINDOWS\REGIST~1\sysmain.dll (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe
O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE

a++
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
Utilisateur anonyme
11 mars 2006 à 17:52
ok c bon le trojan a disparu il rest just adware lop a supprimé qui est prensent dans hijack

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sldwmhmcsxjaxnrbxgbjzippp.biz/B_4UnieS3vyIjCwTxqx4lLDzFWHZ5qp3movEe7IFdokNnF814X3TJ4svcJ7OgAIh.asp


1) telecharge lopxp ici:

http://pageperso.aol.fr/balltrap34/lopxp.zip

2) dezippe le (clic droit dessus > extraire tout)
et lance lopxp.bat
le bloc note va s'ouvrir, copie et colle le contenu ici

@++++++++++
0
Réponse 6 / 13
mylene
11 mars 2006 à 17:56
mercii bcp

Rapport fait à 17:55:22,39 le 11/03/2006

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\Documents and Settings\Default User\Application Data

06/09/2004 18:55 <REP> Identities
06/09/2004 18:55 <REP> InterTrust
06/09/2004 18:55 <REP> Adobe
06/09/2004 18:55 <REP> Sun
20/06/2004 09:47 62 desktop.ini
20/06/2004 09:47 <REP> Microsoft
20/06/2004 09:47 <REP> ..
20/06/2004 09:47 <REP> .
1 fichier(s) 62 octets
7 R‚p(s) 63120441344 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\Documents and Settings\All Users\Application Data

16/02/2006 18:04 305 addr_file.html
16/02/2006 18:01 <REP> AntiVir PersonalEdition classic
12/02/2006 23:15 <REP> Skype
03/01/2006 16:17 <REP> Yahoo! Companion
03/01/2006 16:06 <REP> Adobe
11/11/2005 20:05 <REP> Softdisk LLC
21/10/2005 17:26 <REP> PlayFirst
28/08/2005 18:21 <REP> Messenger Plus!
25/08/2005 18:41 <REP> MSN6
16/04/2005 17:01 <REP> SC Test Branding 1
27/03/2005 20:30 <REP> BOONTY
27/12/2004 20:36 <REP> QuickTime
23/11/2004 18:43 <REP> Macrovision
12/09/2004 15:30 <REP> Spybot - Search & Destroy
08/09/2004 13:55 <REP> pixelStorm
08/09/2004 13:30 <REP> 2 second real hide
20/06/2004 10:01 <REP> CyberLink
20/06/2004 09:47 62 desktop.ini
20/06/2004 09:47 <REP> Microsoft
20/06/2004 09:47 <REP> .
20/06/2004 09:47 <REP> ..
2 fichier(s) 367 octets
19 R‚p(s) 63120441344 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\Documents and Settings\Mymy\Application Data

10/03/2006 19:33 <REP> Checkflow
12/02/2006 23:15 <REP> Skype
03/01/2006 16:30 <REP> Leadertech
03/01/2006 16:07 <REP> AdobeUM
21/10/2005 17:26 <REP> PlayFirst
27/08/2005 19:55 <REP> FotoWire
25/08/2005 18:41 <REP> MSN6
27/04/2005 12:22 <REP> Real
03/04/2005 19:39 <REP> Raptisoft
18/01/2005 22:25 <REP> Creative
02/01/2005 18:44 <REP> MULTI IDOL FLAG
27/12/2004 20:58 <REP> ArcSoft
27/12/2004 20:39 <REP> Nikon
24/10/2004 18:18 <REP> Yahoo! Messenger
22/09/2004 15:10 <REP> Help
12/09/2004 15:05 <REP> Mozilla
08/09/2004 13:53 <REP> Macromedia
06/09/2004 18:56 62 desktop.ini
06/09/2004 18:56 <REP> Microsoft
06/09/2004 18:56 <REP> Sun
06/09/2004 18:56 <REP> Adobe
06/09/2004 18:56 <REP> Identities
06/09/2004 18:56 <REP> ..
06/09/2004 18:56 <REP> .
06/09/2004 18:56 <REP> InterTrust
1 fichier(s) 62 octets
24 R‚p(s) 63120441344 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\Documents and Settings\Propri‚taire

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\WINDOWS\Tasks

08/09/2004 13:30 234 A7AD602A91A318CE.job
20/06/2004 09:52 6 SA.DAT
20/06/2004 09:51 <REP> ..
20/06/2004 09:51 <REP> .
01/01/1980 00:00 65 desktop.ini
3 fichier(s) 305 octets
2 R‚p(s) 63ÿ120ÿ441ÿ344 octets libres

******************************************
Recherche dans Program files

Le dossier C:\Program Files\C2Media n'existe pas

*************** Fin du rapport ****************
0
Réponse 7 / 13
Utilisateur anonyme
11 mars 2006 à 18:07
Déconnecte toi d'internet:

Ferme tout les programmes en cours

demarrer > executer et tape cmd
dans la fenetre dos, copie et colle ceci:

del /a C:\WINDOWS\Tasks\AFD5299591BADAC5.job

et valide

ouvre hijack/ coche cette ligne puis clike sur fix checked

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sldwmhmcsxjaxnrbxgbjzippp.biz/B_4UnieS3vyIjCwTxqx4lLDzFWHZ5qp3movEe7IFdokNnF814X3TJ4svcJ7OgAIh.asp



remet un lopxp suivi d'un hijack

@++++++++
0
Réponse 8 / 13
mylene
11 mars 2006 à 18:18
Rapport fait à 18:14:22,32 le 11/03/2006

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\Documents and Settings\Default User\Application Data

06/09/2004 18:55 <REP> Identities
06/09/2004 18:55 <REP> InterTrust
06/09/2004 18:55 <REP> Adobe
06/09/2004 18:55 <REP> Sun
20/06/2004 09:47 62 desktop.ini
20/06/2004 09:47 <REP> Microsoft
20/06/2004 09:47 <REP> ..
20/06/2004 09:47 <REP> .
1 fichier(s) 62 octets
7 R‚p(s) 63119327232 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\Documents and Settings\All Users\Application Data

16/02/2006 18:04 305 addr_file.html
16/02/2006 18:01 <REP> AntiVir PersonalEdition classic
12/02/2006 23:15 <REP> Skype
03/01/2006 16:17 <REP> Yahoo! Companion
03/01/2006 16:06 <REP> Adobe
11/11/2005 20:05 <REP> Softdisk LLC
21/10/2005 17:26 <REP> PlayFirst
28/08/2005 18:21 <REP> Messenger Plus!
25/08/2005 18:41 <REP> MSN6
16/04/2005 17:01 <REP> SC Test Branding 1
27/03/2005 20:30 <REP> BOONTY
27/12/2004 20:36 <REP> QuickTime
23/11/2004 18:43 <REP> Macrovision
12/09/2004 15:30 <REP> Spybot - Search & Destroy
08/09/2004 13:55 <REP> pixelStorm
08/09/2004 13:30 <REP> 2 second real hide
20/06/2004 10:01 <REP> CyberLink
20/06/2004 09:47 62 desktop.ini
20/06/2004 09:47 <REP> Microsoft
20/06/2004 09:47 <REP> .
20/06/2004 09:47 <REP> ..
2 fichier(s) 367 octets
19 R‚p(s) 63119327232 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\Documents and Settings\Mymy\Application Data

10/03/2006 19:33 <REP> Checkflow
12/02/2006 23:15 <REP> Skype
03/01/2006 16:30 <REP> Leadertech
03/01/2006 16:07 <REP> AdobeUM
21/10/2005 17:26 <REP> PlayFirst
27/08/2005 19:55 <REP> FotoWire
25/08/2005 18:41 <REP> MSN6
27/04/2005 12:22 <REP> Real
03/04/2005 19:39 <REP> Raptisoft
18/01/2005 22:25 <REP> Creative
02/01/2005 18:44 <REP> MULTI IDOL FLAG
27/12/2004 20:58 <REP> ArcSoft
27/12/2004 20:39 <REP> Nikon
24/10/2004 18:18 <REP> Yahoo! Messenger
22/09/2004 15:10 <REP> Help
12/09/2004 15:05 <REP> Mozilla
08/09/2004 13:53 <REP> Macromedia
06/09/2004 18:56 62 desktop.ini
06/09/2004 18:56 <REP> Microsoft
06/09/2004 18:56 <REP> Sun
06/09/2004 18:56 <REP> Adobe
06/09/2004 18:56 <REP> Identities
06/09/2004 18:56 <REP> ..
06/09/2004 18:56 <REP> .
06/09/2004 18:56 <REP> InterTrust
1 fichier(s) 62 octets
24 R‚p(s) 63119327232 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\Documents and Settings\Propri‚taire

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2B1B-1302

R‚pertoire de C:\WINDOWS\Tasks

08/09/2004 13:30 234 A7AD602A91A318CE.job
20/06/2004 09:52 6 SA.DAT
20/06/2004 09:51 <REP> ..
20/06/2004 09:51 <REP> .
01/01/1980 00:00 65 desktop.ini
3 fichier(s) 305 octets
2 R‚p(s) 63ÿ119ÿ327ÿ232 octets libres

******************************************
Recherche dans Program files

Le dossier C:\Program Files\C2Media n'existe pas

*************** Fin du rapport ****************




Logfile of HijackThis v1.99.1
Scan saved at 18:15:02, on 11/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Windows NT\Accessoires\wordpad.exe
C:\Program Files\Logitech\Video\AlbumDB2.exe
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/hautdebit
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://GLOBAL.ACER.COM/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {FE426EB8-7AEE-B064-5D35-D1C6A0CCF19A} - C:\PROGRA~1\MULTII~1\Settingsdog.exe (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [4W3G6DP46F6C52] C:\WINDOWS\system32\MtkO8q9.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s
O4 - HKCU\..\Run: [MessengerPlus3] "\" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O18 - Protocol: bw+0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: sysmain - C:\WINDOWS\REGIST~1\sysmain.dll (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe
O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE
0
Réponse 9 / 13
Utilisateur anonyme
11 mars 2006 à 18:23
redemare l'ordi et remet un hijack pour voir si les spys sont bien parti plus un log lopxp

@++++++++++
0
Réponse 10 / 13
mylene
11 mars 2006 à 18:28
Logfile of HijackThis v1.99.1
Scan saved at 18:28:19, on 11/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/hautdebit
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://GLOBAL.ACER.COM/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {FE426EB8-7AEE-B064-5D35-D1C6A0CCF19A} - C:\PROGRA~1\MULTII~1\Settingsdog.exe (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [4W3G6DP46F6C52] C:\WINDOWS\system32\MtkO8q9.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s
O4 - HKCU\..\Run: [MessengerPlus3] "\" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O18 - Protocol: bw+0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0A527AB7-A139-42E1-87F2-2ADC44339E41} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: sysmain - C:\WINDOWS\REGIST~1\sysmain.dll (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe
O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\MYMY\LOCALS~1\TEMP\_VWUPSRV.EXE
0
Réponse 11 / 13
Utilisateur anonyme
11 mars 2006 à 18:31
ok c bon le log a l'air propre t'en ai ou avec tes probleme?

@++++++
0
Réponse 12 / 13
mylene
11 mars 2006 à 18:36
dakor mercii bcp
0
Réponse 13 / 13
Utilisateur anonyme
11 mars 2006 à 18:43
Salut,

??

O4 - HKLM\..\Run: [4W3G6DP46F6C52] C:\WINDOWS\system32\MtkO8q9.exe
O20 - Winlogon Notify: sysmain - C:\WINDOWS\REGIST~1\sysmain.dll (file missing)

pare-feu ?
0

Discussions similaires

Boucle sur la première diapositive d'une présentation
ND83 -
ndubau -

3 réponses
QuickShare c'est quoi ce truc
edelweiss2604 -
edelweiss2604 -

41 réponses
Sa veux dire koi??Subject: FW: Tr :FW: TR: TR
france22 -
ghano0666545160 -

12 réponses
Market feedback agent s'est arrêté. Toutes mes messageries sont bloquées ainsi t
Val -
Utilisateur anonyme -

1 réponse
casque sans fil Sennheiser TR 4200 ne fonctionne plus
jcb83400 -
DIY -

3 réponses