iexplore virus
Solved
frenchcore
Posts
8
Registration date
Status
Member
Last activity
-
So, a week ago I noticed that I had 2 iexplore processes in my Task Manager, even though I haven't touched anything and I use Firefox. I'm pasting the HijackThis report below so that you can help me and tell me what to do. Thanks in advance ^^
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Internet Download Manager\IDMan.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Utilisateur\Bureau\doc\scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKCU\..\Run: [idman] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Blah store] C:\DOCUME~1\UTILIS~1\APPLIC~1\BURNEA~1\Defy base.exe
O4 - Startup: ATI Tray Tools.lnk = C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123003278093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/pla...0/Installer.exe
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: bw+0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O18 - Protocol: bwq0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
4 replies
Hello
There is a Lop infection.
Download LopxpMH to your Desktop.
http://perso.numericable.fr/~altshift/Info/Fichiers/lopxpMH2.zip
Unzip it (right-click >> Extract here) and double-click the lopxpMH.bat file.
Post the contents of the report that opens.
Rapport fait à 23:51:21,89 le 18/02/2007
******************************************
## Répertoires Application Data
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Documents and Settings\All Users\Application Data
02/08/2005 17:09 <REP> .
02/08/2005 17:09 <REP> ..
01/10/2005 23:36 <REP> Adobe
01/10/2005 23:37 <REP> Adobe Systems
11/03/2006 22:39 <REP> Apple Computer
13/08/2005 00:47 <REP> Avg7
02/08/2005 17:55 <REP> BVRP Software
17/12/2006 01:07 <REP> Corel
17/08/2005 23:22 <REP> InstallShield
03/12/2005 11:14 <REP> Kaspersky Anti-Virus Personal Pro
02/08/2005 17:09 <REP> Microsoft
09/04/2006 03:11 <REP> Raxco
06/01/2007 03:32 <REP> Real
03/09/2005 10:15 <REP> Spybot - Search & Destroy
11/02/2007 21:03 <REP> TIME ACE MORE PROGRAM
30/09/2005 20:35 <REP> TuneUp Software
26/08/2005 15:45 <REP> Windows Genuine Advantage
02/08/2005 17:10 62 desktop.ini
21/07/2006 22:36 126 264 firstlsp.reg.dat
07/04/2006 18:31 2 385 QTSBandwidthCache
3 fichier(s) 128 711 octets
17 Rép(s) 24 314 052 608 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Documents and Settings\Default User\Application Data
02/08/2005 17:09 <REP> .
02/08/2005 17:09 <REP> ..
02/08/2005 17:09 <REP> Microsoft
02/08/2005 17:10 62 desktop.ini
1 fichier(s) 62 octets
3 Rép(s) 24 314 040 320 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data
02/08/2005 17:10 <REP> .
02/08/2005 17:10 <REP> ..
02/08/2005 15:19 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 24 314 040 320 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Documents and Settings\LocalService\Application Data
02/08/2005 15:23 <REP> .
02/08/2005 15:23 <REP> ..
02/08/2005 15:23 <REP> Microsoft
14/07/2006 18:39 <REP> Webroot
0 fichier(s) 0 octets
4 Rép(s) 24 314 040 320 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data
02/08/2005 15:23 <REP> .
02/08/2005 15:23 <REP> ..
26/11/2005 22:12 <REP> Help
02/08/2005 15:23 <REP> Microsoft
13/08/2005 00:47 18 560 GDIPFONTCACHEV1.DAT
1 fichier(s) 18 560 octets
4 Rép(s) 24 314 040 320 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Documents and Settings\NetworkService\Application Data
02/08/2005 15:23 <REP> .
02/08/2005 15:23 <REP> ..
02/08/2005 15:23 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 24 314 040 320 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data
02/08/2005 15:23 <REP> .
02/08/2005 15:23 <REP> ..
02/08/2005 15:23 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 24 314 040 320 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Documents and Settings\Utilisateur\Application Data
02/08/2005 15:25 <REP> .
02/08/2005 15:25 <REP> ..
15/08/2006 20:14 <REP> .gaim
01/10/2005 23:46 <REP> Adobe
26/11/2005 18:17 <REP> AdobeUM
17/02/2006 18:13 <REP> Apple Computer
15/04/2006 16:38 <REP> ATI
03/09/2006 01:29 <REP> atitray
11/02/2007 21:03 <REP> BurnEachFor
28/06/2006 18:02 <REP> Camfrog
17/12/2006 01:08 <REP> Corel
24/09/2006 02:04 <REP> DMCache
03/02/2007 12:39 <REP> Doppler
14/05/2006 22:09 <REP> dvdcss
12/11/2005 18:05 <REP> Google
05/08/2005 12:35 <REP> Help
24/09/2006 09:32 <REP> IDM
18/02/2007 23:15 <REP> InstallShield
25/10/2005 12:04 <REP> Lavasoft
10/09/2005 20:15 <REP> Leadertech
29/11/2005 19:10 <REP> Logitech
02/08/2005 19:18 <REP> Macromedia
06/01/2007 03:34 <REP> Media Player Classic
02/08/2005 15:25 <REP> Microsoft
02/08/2005 18:51 <REP> Mozilla
18/02/2006 01:36 <REP> PC Tools
06/01/2007 03:32 <REP> Real
05/08/2005 17:05 <REP> Shareaza
04/05/2006 16:09 <REP> Sun
02/12/2005 21:51 <REP> Talkback
21/08/2005 01:18 <REP> teamspeak2
14/01/2006 12:14 <REP> THQ
14/02/2007 22:59 <REP> TrojanHunter
21/08/2005 16:19 <REP> TuneUp Software
14/02/2007 22:29 <REP> Uniblue
21/01/2007 15:32 <REP> uTorrent
02/08/2005 21:48 <REP> vlc
18/11/2005 15:44 <REP> Xfire
21/04/2006 20:04 26 624 CDRusersDB.v12
02/08/2005 15:25 62 desktop.ini
06/07/2006 18:37 1 035 QuickZip45.ini
27/12/2005 21:46 335 Taxi4.MCS
4 fichier(s) 28 056 octets
38 Rép(s) 24 314 036 224 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Documents and Settings\Utilisateur\Local Settings\Application Data
02/08/2005 15:25 <REP> .
02/08/2005 15:25 <REP> ..
15/08/2006 10:19 <REP> ABBYY
01/10/2005 23:47 <REP> Adobe
13/08/2005 12:51 <REP> Ahead
26/10/2005 11:36 <REP> Apple Computer
15/04/2006 16:38 <REP> ApplicationHistory
15/04/2006 16:38 <REP> ATI
03/02/2007 12:39 <REP> DopplerRadio.NET
12/11/2005 18:05 <REP> Google
05/08/2005 12:35 <REP> Help
05/08/2005 12:35 <REP> Identities
02/08/2005 15:25 <REP> Microsoft
11/11/2005 14:15 <REP> Mozilla
05/12/2006 06:21 <REP> Pando
05/08/2005 17:05 <REP> Shareaza
07/05/2006 01:40 <REP> Stardock
04/08/2005 19:12 244 224 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
15/04/2006 16:38 134 fusioncache.dat
02/08/2005 23:10 23 000 GDIPFONTCACHEV1.DAT
24/11/2006 20:50 2 644 972 IconCache.db
4 fichier(s) 2 912 330 octets
17 Rép(s) 24 314 036 224 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data
02/08/2005 15:22 <REP> .
02/08/2005 15:22 <REP> ..
02/08/2005 15:22 <REP> Microsoft
02/08/2005 15:22 62 desktop.ini
1 fichier(s) 62 octets
3 Rép(s) 24 314 036 224 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
02/08/2005 15:22 <REP> .
02/08/2005 15:22 <REP> ..
02/08/2005 15:22 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 24 314 032 128 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\WINDOWS\Tasks
11/02/2007 21:03 292 AB0725BB93A8A1D7.job
06/01/2007 03:26 284 AppleSoftwareUpdate.job
02/11/2006 11:09 420 Maintenance en 1 clic.job
30/09/2005 20:36 402 1-Click Maintenance.job
02/08/2005 15:23 6 SA.DAT
02/08/2005 15:17 65 desktop.ini
02/08/2005 15:17 <REP> ..
02/08/2005 15:17 <REP> .
6 fichier(s) 1 469 octets
2 Rép(s) 24 314 032 128 octets libres
******************************************
## Répertoires de C:\Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est D0A2-014B
Répertoire de C:\Program Files
18/02/2007 23:16 <REP> .
18/02/2007 23:16 <REP> ..
22/07/2006 11:12 <REP> 7-Zip
02/08/2005 17:55 <REP> ABBYY FineReader 5.0 Sprint
15/02/2006 18:45 <REP> Adobe
18/02/2007 11:57 <REP> Agathe Millénium Gestion
13/08/2005 01:16 <REP> Ahead
27/11/2006 18:46 <REP> Alwil Software
06/01/2007 03:26 <REP> Apple Software Update
18/02/2007 20:29 <REP> a-squared HiJackFree
14/07/2006 01:13 <REP> ATI Technologies
03/09/2006 14:42 <REP> ATITool
14/10/2006 22:08 <REP> Audacity
07/08/2005 19:23 <REP> AvantGo Connect
16/12/2006 22:58 <REP> AviSynth 2.5
23/08/2005 13:44 <REP> AVPersonal
11/07/2006 19:53 <REP> Axon Data
11/02/2007 21:03 <REP> BurnEachFor
21/01/2007 15:53 <REP> Camfrog
14/05/2006 19:05 <REP> CCleaner
15/08/2006 20:11 <REP> Common Files
02/08/2005 15:16 <REP> ComPlus Applications
06/01/2007 03:39 <REP> Corel
08/10/2006 15:02 <REP> CVitae
28/06/2006 12:47 <REP> DAEMON Tools
15/09/2006 16:50 <REP> DIFX
16/08/2006 23:28 <REP> directx
23/12/2006 01:05 <REP> DkZ Studio
21/07/2006 20:06 <REP> ESET
10/09/2005 20:14 <REP> Executive Software
02/08/2005 17:55 <REP> FaxTools
03/01/2007 13:58 <REP> Fichiers communs
20/10/2006 16:19 <REP> Game Graphic Studio
04/05/2006 16:28 <REP> Google
02/11/2006 11:15 <REP> Internet Download Manager
14/02/2007 22:12 <REP> Internet Explorer
30/01/2007 09:04 <REP> Inventel
03/03/2006 20:44 <REP> Jasc Software Inc
02/08/2005 19:23 <REP> Java
06/01/2007 03:33 <REP> K-Lite Codec Pack
06/01/2007 03:42 <REP> KONAMI
18/02/2007 22:21 <REP> L2Launcher v1.6
01/10/2005 21:04 <REP> Lavalys
02/08/2005 17:51 <REP> Lexmark X74-X75
18/02/2007 23:29 <REP> Lineage II
15/02/2007 16:02 <REP> LIUtilities
18/10/2006 04:07 <REP> LIVEUPDATE
25/12/2006 12:50 <REP> Logitech
07/04/2006 18:29 <REP> Media Player Classic
03/08/2005 20:04 <REP> Messenger
28/12/2006 01:54 <REP> Messenger Plus! Live
01/05/2006 18:15 <REP> MessengerPlus! 3
16/06/2006 16:31 <REP> Microsoft ActiveSync
02/08/2005 15:20 <REP> microsoft frontpage
07/05/2006 02:19 <REP> Mobydock DX
02/08/2005 15:17 <REP> Movie Maker
18/02/2007 23:36 <REP> Mozilla Firefox
02/08/2005 15:15 <REP> MSN
02/08/2005 15:15 <REP> MSN Gaming Zone
28/12/2006 01:54 <REP> MSN Messenger
24/07/2006 23:14 <REP> MSN Reaper
09/06/2006 00:24 <REP> MSNServersX
17/12/2006 12:12 <REP> MSXML 4.0
07/04/2006 16:23 <REP> Neoact
02/08/2005 15:17 <REP> NetMeeting
17/02/2007 23:51 <REP> NKProds
26/09/2006 05:35 <REP> NVIDIA Corporation
02/08/2005 15:16 <REP> Online Services
14/12/2006 06:20 <REP> Outlook Express
18/02/2007 00:14 <REP> PokerStars
15/02/2007 15:17 <REP> Postal2STP
06/01/2007 03:28 <REP> QuickTime
09/04/2006 03:10 <REP> Raxco
10/09/2006 08:07 <REP> Ray Adams
27/01/2006 16:39 <REP> Realtek
22/01/2006 16:26 <REP> RegCleaner
21/10/2006 17:34 <REP> Registry Mechanic
02/08/2005 15:18 <REP> Services en ligne
20/11/2005 18:47 <REP> Smart Projects
16/02/2007 20:23 <REP> SpeedFan
28/01/2007 14:14 <REP> Spybot - Search & Destroy
14/02/2007 21:32 <REP> SpywareGuard
21/10/2006 17:24 <REP> Startup Mechanic
24/12/2006 22:43 <REP> SYSTRAN
21/08/2005 01:18 <REP> Teamspeak2_RC2
11/02/2006 23:22 <REP> ToniArts
14/02/2007 23:12 <REP> TrojanHunter 4.6
13/02/2007 02:29 <REP> TuneUp Utilities 2006
14/02/2007 22:29 <REP> Uniblue
24/12/2006 17:46 <REP> URUSoft
09/02/2007 19:15 <REP> uTorrent
10/12/2006 20:26 <REP> VideoLAN
17/02/2007 22:09 <REP> Virtools Web Player 3.0
30/01/2007 09:15 <REP> Wanadoo
06/09/2006 19:01 <REP> Web Media Player
09/06/2006 23:30 <REP> Webteh
31/12/2006 14:58 <REP> Winamp
27/07/2006 01:35 <REP> Windows Media Player
02/08/2005 15:15 <REP> Windows NT
10/02/2006 19:23 <REP> WinRAR
28/08/2005 16:04 <REP> WisePixel Multimedia
02/08/2005 15:20 <REP> xerox
0 fichier(s) 0 octets
102 Rép(s) 24 314 028 032 octets libres
******************************************
## Popups autorisées
* Internet Explorer
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
startnow.com REG_SZ
www.startnow.com REG_SZ
* Mozilla Firefox (1 autorisé 2 interdit)
---------- C:\DOCUMENTS AND SETTINGS\UTILISATEUR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4L0ZY37T.DEFAULT\HOSTPERM.1
host cookie 2 popupsponsor.com
host cookie 2 popuptraffic.com
host cookie 2 paypopup.com
******************************************
## Registre
* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ http://www.google.com/toolbar/ie8/sidebar.html
* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Blah store REG_SZ C:\DOCUME~1\UTILIS~1\APPLIC~1\BURNEA~1\Defy base.exe
******************************************
## Zones de sécurité
* HKCU Domains (4)
* P3P History (5)
******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"
*************** Fin du rapport ****************
Re
Part of the procedure will take place without internet access; please print these instructions, or paste them into a text file, to read during this disinfection.
The steps must be carried out without interruption and in order.
If you don't understand something, ask for an explanation before starting.
1 Download
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Install it in a dedicated directory.
AVG Anti-Spyware
https://www.avg.com/en-ww/free-antivirus-download
Install it.
Launch AVG Anti-Spyware and click the Update button. Wait.
2 Restart in safe mode. Note that you have no internet access in this mode, so take careful note of what you have to do.
Start the computer.
Once the BIOS has finished loading, there is a black screen. Press the F8 or F5 key until the Windows advanced options menu appears.
Using the cursor keys, select the appropriate safe mode and press Enter.
3 Run a HijackThis scan again and check the lines below:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [Blah store] C:\DOCUME~1\UTILIS~1\APPLIC~1\BURNEA~1\Defy base.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/pla...0/Installer.exe
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: bw+0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
Close all Windows, Internet Explorer and Outlook windows, except HijackThis, and click "Fix checked".
4 Make sure you have access to all files.
Start, My Computer or any other folder, Tools menu, Folder Options, View tab:
Check the box: Show hidden files and folders
Uncheck the box: Hide extensions for known file types
Uncheck the box: Hide protected operating system files
Then Apply
5 Delete the offending files/folders (if they still exist):
C:\Documents and Settings\All Users\Application Data\TIME ACE MORE PROGRAM
C:\Documents and Settings\Utilisateur\Application Data\BurnEachFor
C:\WINDOWS\Tasks\AB0725BB93A8A1D7.job
C:\Program Files\BurnEachFor
Hide the system files again, so as not to make a mistake in the future, by selecting do not show hidden files or system files.
6 Run the cleanup with CCleaner
7 Launch AVG Anti-Spyware
Click the Scan button (in the toolbar)
Then, on the How to act tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete system scan.
At the end of the scan, choose the "Apply all actions" option at the bottom.
Click "Save report". This generates a report as a text file, located in the Reports folder of the AVG Anti-Spyware folder.
8 Restart normally
Post a new HijackThis log along with the AVG Anti-Spyware report.
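An added example, not part of the original post and not HijackThis code: a small Python triage pass over log lines like those listed in step 3. It flags orphaned entries, flags Run entries that start from a user-profile folder (including the 8.3 short form `APPLIC~1`), and collapses the repeated O18 protocol handlers into one group per CLSID and DLL. The flagging rules and all function names are assumptions chosen for illustration; the sample lines are copied from the log in this thread.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Sample lines copied from the HijackThis log quoted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [Blah store] C:\DOCUME~1\UTILIS~1\APPLIC~1\BURNEA~1\Defy base.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O18 - Protocol: bw+0 - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A5573E32-BD08-44C9-B221-53E895E12583} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
"""

# "<section code> - <rest>", e.g. "O4 - HKCU\..\Run: ...". Process paths and
# report headers do not match and are skipped.
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Registry entry still present but its target file is gone.
ORPHAN_RE = re.compile(r"\((?:file missing|no file)\)")
# Assumed heuristic: autoruns launched from a user-writable profile folder.
# The 8.3 short name (APPLIC~1) must be matched as well as the long name.
PROFILE_RE = re.compile(r"\\(?:application data|applic~\d+|appdata|temp)\\", re.I)
PROTOCOL_RE = re.compile(
    r"^Protocol: (?P<name>\S+) - (?P<clsid>\{[^}]+\}) - (?P<path>.+)$")


@dataclass
class Entry:
    code: str                 # HijackThis section code, e.g. "O4"
    body: str                 # everything after "<code> - "
    clsid: str = ""           # upper-cased CLSID if the line carries one
    flags: list = field(default_factory=list)


def parse_log(text):
    """Turn raw log text into Entry objects with triage flags attached."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        code, body = m.group("code"), m.group("body")
        clsid = CLSID_RE.search(body)
        entry = Entry(code, body, clsid.group(0).upper() if clsid else "")
        if ORPHAN_RE.search(body):
            entry.flags.append("orphaned")
        if code == "O4" and PROFILE_RE.search(body):
            entry.flags.append("profile_autorun")
        entries.append(entry)
    return entries


def group_protocols(entries):
    """Collapse O18 lines: one group per (CLSID, DLL) with its scheme names."""
    groups = defaultdict(list)
    for e in entries:
        m = PROTOCOL_RE.match(e.body) if e.code == "O18" else None
        if m:
            key = (m.group("clsid").upper(), m.group("path").lower())
            groups[key].append(m.group("name"))
    return dict(groups)


def triage(text):
    """Return the three views a reviewer reads first."""
    entries = parse_log(text)
    return {
        "orphaned": [e for e in entries if "orphaned" in e.flags],
        "profile_autoruns": [e for e in entries if "profile_autorun" in e.flags],
        "protocol_groups": group_protocols(entries),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for e in result["orphaned"]:
        print("orphaned       ", e.code, e.body)
    for e in result["profile_autoruns"]:
        print("profile autorun", e.code, e.body)
    for (clsid, dll), names in result["protocol_groups"].items():
        print("O18 group      ", clsid, dll, "->", len(names), "scheme(s)")
```

A flag only marks a line for review; whether an entry is safe to fix still depends on knowing what installed it.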