Intrusion porno - rapport hijackthis

eglantine -  
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
Bonjour,
Je fais la chasse aux sites pornos... Help ! je fais quoi maintenant ? merci !!
Logfile of HijackThis v1.99.1
Scan saved at 15:13:24, on 16/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\procia.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Tiscali\Dialer\Dialer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\LYDIA\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis_199.zip\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\Kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [RealJukeboxSystray] "C:\Program Files\Real\RealJukebox\tsystray.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\procia.exe /run
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: Sexe-Telecom - {97114056-15E0-47AA-B784-4B533A9DC27E} - C:\Documents and Settings\YANN\Menu Démarrer\Programmes\Sexe-Telecom\Sexe-Telecom.lnk (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\AIM.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_XP.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {0DA910BC-6919-489E-B584-D9A4AAC7B8DE} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1604DF98-D1A5-44FE-844A-98D6FD0518D0} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {17BFC8DA-B4D6-4DB9-AA40-1CD32EDA9845} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1CD49DC9-FD88-41FA-B892-47E037267D45} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
O16 - DPF: {201D3DA8-B495-4A3B-BEE8-6D8DDCCC5762} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {26D73573-F1B3-48C9-A989-E6CE071957A1} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {2A3DFC59-8A87-49A1-85D1-42903410911F} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1058_XP.cab
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {7504F0D5-644A-4103-9D02-95488B6CB9A1} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1059_XP.cab
O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {946B0485-8F8C-4C35-A6E7-D2115E3B0B4F} - http://fr4-download.nocreditcardgay.com/download/Object/DialerHTML/DHTMLAccessXP1...
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {A1C392A2-B274-46DB-89BE-1FBD476B9C93} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {A31D9A13-4C45-4DFB-8827-BA4F402D9C95} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_XP.cab
O16 - DPF: {A5173EA8-1337-4BAB-A67E-198C9919D9CC} (Loader Class) - http://213.11.100.127/websetup/websetup2.cab
O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://ww1.dlv4.com
O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} (Loader Class) - http://dialup.carpediem.fr/CABS/1,0,3,8/fr/AccesMembre.cab
O16 - DPF: {E114CD5B-17CE-4807-890E-7B1EDF9F2E5E} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {E19AB99F-AEC4-4B40-A5CA-F69D22522D77} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {E1D20694-74D9-472D-AF03-08C26173A67F} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_em_XP.cab
O16 - DPF: {E24E8472-89B7-479F-8AD8-BBD7206A6A02} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {E7AE1661-EBEB-492B-AE0D-860DF24174C6} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {EC4AFBF3-4540-4306-AF10-4CAC509EA16B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {EF4DCD99-D26B-44A4-BA77-CFDCC97E7291} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/fr/SysWebTelecom.cab
O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} - https://www.afternic.com/domains/downloadv3.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{C659209E-75D0-4860-9497-BFFACF14ABDF}: NameServer = 213.36.80.1
O18 - Protocol: bw+0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: PAVWAIT.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
Configuration: XP familial
Avaast

10 réponses

  1. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    Relance HijackThis : choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked" :

    O18 - Protocol: bw+0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {96B955F1-03D1-4F83-BCE9-CD7BD1443A51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.d

    ensuite :

    Télécharge Blacklight (de F-Secure) :

    https://www.f-secure.com/en

    et sauvegarde le sur ton Bureau.

    Double-clique blbeta.exe et accepte la licence ;clique Scan puis Next

    Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

    Copie et colle le contenu de ce rapport dans ta prochaine réponse

    a+

    ***j'ai decidé d'être heureux parce que c'est bon pour la santé ! ( Voltaire )***
    0
  2. eglantine7 Messages postés 72 Statut Membre
     
    Bonjour Green day, voici donc ce rapport ! Merci de ton aide !

    06/16/06 18:28:02 [Info]: BlackLight Engine 1.0.37 initialized
    06/16/06 18:28:02 [Info]: OS: 5.1 build 2600 (Service Pack 2)
    06/16/06 18:28:02 [Note]: 7019 4
    06/16/06 18:28:02 [Note]: 7005 0
    06/16/06 18:28:16 [Note]: 7006 0
    06/16/06 18:28:16 [Note]: 7011 1408
    06/16/06 18:28:16 [Note]: 7026 0
    06/16/06 18:28:16 [Note]: 7026 0
    06/16/06 18:28:16 [Note]: 7024 3
    06/16/06 18:28:16 [Info]: Hidden process: C:\windows\system32\hxdcvw.exe
    06/16/06 18:28:16 [Note]: FSRAW library version 1.7.1015
    06/16/06 18:33:35 [Info]: Hidden file: c:\WINDOWS\system32\hxdcvw.dat
    06/16/06 18:33:35 [Note]: 10002 1
    06/16/06 18:33:35 [Info]: Hidden file: C:\windows\system32\hxdcvw.exe
    06/16/06 18:33:35 [Note]: 10002 1
    06/16/06 18:33:35 [Info]: Hidden file: c:\WINDOWS\system32\hxdcvw_nav.dat
    06/16/06 18:33:35 [Note]: 10002 1
    06/16/06 18:33:44 [Info]: Hidden file: c:\WINDOWS\Prefetch\HXDCVW.EXE-07E74C89.pf
    06/16/06 18:33:44 [Note]: 10002 1
    06/16/06 18:36:34 [Note]: 700706/16/06 18:39:44 [Info]: BlackLight Engine 1.0.37 initialized
    06/16/06 18:39:44 [Info]: OS: 5.1 build 2600 (Service Pack 2)
    06/16/06 18:39:45 [Note]: 7019 4
    06/16/06 18:39:45 [Note]: 7005 0
    06/16/06 18:39:50 [Note]: 7006 0
    06/16/06 18:39:50 [Note]: 7011 1408
    06/16/06 18:39:51 [Note]: 7026 0
    06/16/06 18:39:51 [Note]: 7026 0
    06/16/06 18:39:51 [Note]: 7024 3
    06/16/06 18:39:51 [Info]: Hidden process: C:\windows\system32\hxdcvw.exe
    06/16/06 18:39:51 [Note]: FSRAW library version 1.7.1015
    06/16/06 18:44:46 [Info]: Hidden file: c:\WINDOWS\system32\hxdcvw.dat
    06/16/06 18:44:46 [Note]: 10002 1
    06/16/06 18:44:46 [Info]: Hidden file: C:\windows\system32\hxdcvw.exe
    06/16/06 18:44:46 [Note]: 10002 1
    06/16/06 18:44:47 [Info]: Hidden file: c:\WINDOWS\system32\hxdcvw_nav.dat
    06/16/06 18:44:47 [Note]: 10002 1
    06/16/06 18:44:56 [Info]: Hidden file: c:\WINDOWS\Prefetch\HXDCVW.EXE-07E74C89.pf
    06/16/06 18:44:56 [Note]: 10002 1
    06/16/06 18:51:35 [Note]: 7007 0
    0
    06/16/06 19:16:16 [Info]: BlackLight Engine 1.0.37 initialized
    06/16/06 19:16:16 [Info]: OS: 5.1 build 2600 (Service Pack 2)
    06/16/06 19:16:17 [Note]: 7019 4
    06/16/06 19:16:17 [Note]: 7005 0
    06/16/06 19:16:29 [Note]: 7006 0
    06/16/06 19:16:29 [Note]: 7011 1408
    06/16/06 19:16:30 [Note]: 7026 0
    06/16/06 19:16:30 [Note]: 7026 0
    06/16/06 19:16:30 [Note]: 7024 3
    06/16/06 19:16:30 [Info]: Hidden process: C:\windows\system32\hxdcvw.exe
    06/16/06 19:16:31 [Note]: FSRAW library version 1.7.1015
    06/16/06 19:21:06 [Info]: Hidden file: c:\WINDOWS\system32\hxdcvw.dat
    06/16/06 19:21:06 [Note]: 10002 1
    06/16/06 19:21:06 [Info]: Hidden file: C:\windows\system32\hxdcvw.exe
    06/16/06 19:21:06 [Note]: 10002 1
    06/16/06 19:21:07 [Info]: Hidden file: c:\WINDOWS\system32\hxdcvw_nav.dat
    06/16/06 19:21:07 [Note]: 10002 1
    06/16/06 19:21:15 [Info]: Hidden file: c:\WINDOWS\Prefetch\HXDCVW.EXE-07E74C89.pf
    06/16/06 19:21:15 [Note]: 10002 1
    06/16/06 19:22:34 [Note]: 7007 0
    0
  3. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    relance BlackLight et fait l'option 2 'cleaning" pour faire le nettoyage et colle le rapport généré ici avec un nouveau rapport hijackthis

    @+
    0
  4. eglantine7 Messages postés 72 Statut Membre
     
    OK merci Green day !
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. eglantine7 Messages postés 72 Statut Membre
     
    Hello Green day, j'espère que j'ai bien fait : Logfile of HijackThis v1.99.1
    Scan saved at 15:49:25, on 17/06/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\system32\ScsiAccess.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
    C:\Compaq\EAKDRV\EAUSBKBD.EXE
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
    C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\procia.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Tiscali\Dialer\Dialer.exe
    C:\WINDOWS\SYSTEM32\cidaemon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\PROGRA~1\GOTOSO~1\VADERE~1\VADERE~1.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\DOCUME~1\LYDIA\LOCALS~1\Temp\Répertoire temporaire 5 pour hijackthis_199.zip\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
    O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\Kazaa.exe /SYSTRAY
    O4 - HKLM\..\Run: [RealJukeboxSystray] "C:\Program Files\Real\RealJukebox\tsystray.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\procia.exe /run
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
    O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
    O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
    O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
    O9 - Extra button: Sexe-Telecom - {97114056-15E0-47AA-B784-4B533A9DC27E} - C:\Documents and Settings\YANN\Menu Démarrer\Programmes\Sexe-Telecom\Sexe-Telecom.lnk (file missing)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\AIM.EXE
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
    O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_XP.cab
    O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {0DA910BC-6919-489E-B584-D9A4AAC7B8DE} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {1604DF98-D1A5-44FE-844A-98D6FD0518D0} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {17BFC8DA-B4D6-4DB9-AA40-1CD32EDA9845} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {1CD49DC9-FD88-41FA-B892-47E037267D45} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
    O16 - DPF: {201D3DA8-B495-4A3B-BEE8-6D8DDCCC5762} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {26D73573-F1B3-48C9-A989-E6CE071957A1} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {2A3DFC59-8A87-49A1-85D1-42903410911F} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1058_XP.cab
    O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {7504F0D5-644A-4103-9D02-95488B6CB9A1} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
    O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
    O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1059_XP.cab
    O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {946B0485-8F8C-4C35-A6E7-D2115E3B0B4F} - http://fr4-download.nocreditcardgay.com/download/Object/DialerHTML/DHTMLAccessXP1...
    O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {A1C392A2-B274-46DB-89BE-1FBD476B9C93} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {A31D9A13-4C45-4DFB-8827-BA4F402D9C95} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_XP.cab
    O16 - DPF: {A5173EA8-1337-4BAB-A67E-198C9919D9CC} (Loader Class) - http://213.11.100.127/websetup/websetup2.cab
    O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://ww1.dlv4.com
    O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} (Loader Class) - http://dialup.carpediem.fr/CABS/1,0,3,8/fr/AccesMembre.cab
    O16 - DPF: {E114CD5B-17CE-4807-890E-7B1EDF9F2E5E} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {E19AB99F-AEC4-4B40-A5CA-F69D22522D77} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {E1D20694-74D9-472D-AF03-08C26173A67F} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_em_XP.cab
    O16 - DPF: {E24E8472-89B7-479F-8AD8-BBD7206A6A02} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {E7AE1661-EBEB-492B-AE0D-860DF24174C6} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {EC4AFBF3-4540-4306-AF10-4CAC509EA16B} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {EF4DCD99-D26B-44A4-BA77-CFDCC97E7291} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/fr/SysWebTelecom.cab
    O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} - https://www.afternic.com/domains/downloadv3.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C659209E-75D0-4860-9497-BFFACF14ABDF}: NameServer = 213.36.80.1
    O20 - AppInit_DLLs: PAVWAIT.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
    0
  7. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    re

    installe un parfeu !

    tu as bien fais l'option 2 de BlackLight avant de refaire un nouveau hijackthis ???

    Relance HijackThis : choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked" :

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [RealJukeboxSystray] "C:\Program Files\Real\RealJukebox\tsystray.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\procia.exe /run
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?

    O9 - Extra button: Real.com -
    {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

    O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
    O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_XP.cab
    O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {0DA910BC-6919-489E-B584-D9A4AAC7B8DE} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {1604DF98-D1A5-44FE-844A-98D6FD0518D0} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {17BFC8DA-B4D6-4DB9-AA40-1CD32EDA9845} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {1CD49DC9-FD88-41FA-B892-47E037267D45} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
    O16 - DPF: {201D3DA8-B495-4A3B-BEE8-6D8DDCCC5762} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {26D73573-F1B3-48C9-A989-E6CE071957A1} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {2A3DFC59-8A87-49A1-85D1-42903410911F} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1058_XP.cab
    O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {7504F0D5-644A-4103-9D02-95488B6CB9A1} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
    O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
    O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1059_XP.cab
    O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {946B0485-8F8C-4C35-A6E7-D2115E3B0B4F} - http://fr4-download.nocreditcardgay.com/download/Object/DialerHTML/DHTMLAccessXP1...
    O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {A1C392A2-B274-46DB-89BE-1FBD476B9C93} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {A31D9A13-4C45-4DFB-8827-BA4F402D9C95} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_XP.cab
    O16 - DPF: {A5173EA8-1337-4BAB-A67E-198C9919D9CC} (Loader Class) - http://213.11.100.127/websetup/websetup2.cab
    O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://ww1.dlv4.com
    O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} (Loader Class) - http://dialup.carpediem.fr/CABS/1,0,3,8/fr/AccesMembre.cab
    O16 - DPF: {E114CD5B-17CE-4807-890E-7B1EDF9F2E5E} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {E19AB99F-AEC4-4B40-A5CA-F69D22522D77} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {E1D20694-74D9-472D-AF03-08C26173A67F} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1063_em_XP.cab
    O16 - DPF: {E24E8472-89B7-479F-8AD8-BBD7206A6A02} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {E7AE1661-EBEB-492B-AE0D-860DF24174C6} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {EC4AFBF3-4540-4306-AF10-4CAC509EA16B} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {EF4DCD99-D26B-44A4-BA77-CFDCC97E7291} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/fr/SysWebTelecom.cab
    O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} - https://www.afternic.com/domains/downloadv3.com

    ensuite :

    *Telecharge et installe ceci, dans la colonne de gauche clique sur "erreurs" coche toute les cases, puis clique en bas sur "chercher des erreurs" une fois finit, clique sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs .

    *Relance Ccleaner ,vas dans l'onglet "nettoyeur" present sur la gauche, decoche la derniere case (Avancé si elle
    est cochée) puis clique sur "lancer le nettoyage"

    https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

    tuto: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

    et enfin fais le 1/ et 2/ de ce lien stp

    virus methode preliminaire de desinfection version fr

    bon courage,@+

    ***j'ai decidé d'être heureux parce que c'est bon pour la santé ! ( Voltaire )***
    0
  8. eglantine7 Messages postés 72 Statut Membre
     
    hello Green day !
    J'ai d'abord fait un scan avec Blacklight puis Next puis option 2 cleaning C'est ça ? J'ai ensuite relancé Hijackthis, et le rapport ci dessus. Je continue donc comme tu me l'indiques plus haut ? Merci !
    0
  9. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    re

    ok, c'est bon

    ++
    0
  10. eglantine7 Messages postés 72 Statut Membre
     
    Green day..... il y a 578 erreurs !!!
    C'est normal ? je fais "corriger toutes les erreurs" ?
    Merci !
    0
  11. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    oula ! pas mal ...

    oui corrige tout !

    ++
    0