Utiliser des données hijackthis
Vilion 22
Messages postés
9
Date d'inscription
Statut
Membre
Dernière intervention
-
Vilion 22 Messages postés 9 Date d'inscription Statut Membre Dernière intervention -
Vilion 22 Messages postés 9 Date d'inscription Statut Membre Dernière intervention -
Bonjour a tous, j'ai un probleme important de trojan mais avec l aide du forum j' avance un peu, quelqu'un peut il m'aider a utiliser le log hijackthis suivant obtenu aprés un pré nettoyage avec easy cleaner et spybot Logfile of HijackThis v1.99.1
Scan saved at 15:25:19, on 25/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\TEMP\FB.tmp
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\TEMP\20.tmp
C:\WINDOWS\system32\wuauclt.exe
G:\UtilitairePC\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {70DADED8-5B7C-9840-0880-05A7F23B2B52} - C:\WINDOWS\system32\ukrdoqd.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {D172504F-379F-4AFA-AF58-0BCBE8F4E147} - C:\WINDOWS\system32\fccaaax.dll
O2 - BHO: (no name) - {D8B00201-0AE3-43B8-AAF8-A962D6795023} - C:\WINDOWS\system32\jkkli.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\ruortpuv.dll
O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~2\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [wlbsvn] c:\windows\system32\wlbsvn.exe wlbsvn
O4 - HKLM\..\Run: [dxfoea] c:\windows\system32\dxfoea.exe dxfoea
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [RamBoostXp] "C:\Program Files\RamBoost XP\rambxpfr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [Steam] "G:\Actiongame\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools] "G:\UtilitairePC\DAEMON Tools\daemon.exe" -lang 1033
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = G:\UtilitairePC\Adobe\Reader\AdobeCollabSync.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = G:\UtilitairePC\Adobe\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Chercher avec Copernic - C:\Program Files\Copernic 2001 Basic\Search Extension.htm
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Macromedia Updater (mmupdate) - Unknown owner - C:\WINDOWS\TEMP\FB.tmp".exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Scan saved at 15:25:19, on 25/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\TEMP\FB.tmp
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\TEMP\20.tmp
C:\WINDOWS\system32\wuauclt.exe
G:\UtilitairePC\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {70DADED8-5B7C-9840-0880-05A7F23B2B52} - C:\WINDOWS\system32\ukrdoqd.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {D172504F-379F-4AFA-AF58-0BCBE8F4E147} - C:\WINDOWS\system32\fccaaax.dll
O2 - BHO: (no name) - {D8B00201-0AE3-43B8-AAF8-A962D6795023} - C:\WINDOWS\system32\jkkli.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\ruortpuv.dll
O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~2\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [wlbsvn] c:\windows\system32\wlbsvn.exe wlbsvn
O4 - HKLM\..\Run: [dxfoea] c:\windows\system32\dxfoea.exe dxfoea
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [RamBoostXp] "C:\Program Files\RamBoost XP\rambxpfr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [Steam] "G:\Actiongame\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools] "G:\UtilitairePC\DAEMON Tools\daemon.exe" -lang 1033
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = G:\UtilitairePC\Adobe\Reader\AdobeCollabSync.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = G:\UtilitairePC\Adobe\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Chercher avec Copernic - C:\Program Files\Copernic 2001 Basic\Search Extension.htm
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Macromedia Updater (mmupdate) - Unknown owner - C:\WINDOWS\TEMP\FB.tmp".exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
A voir également:
- Utiliser des données hijackthis
- Fuite données maif - Guide
- Hijackthis - Télécharger - Antivirus & Antimalwares
- Utiliser chromecast - Guide
- Trier des données excel - Guide
- Utiliser iphone comme webcam - Guide
8 réponses
salut,
fixe deja ça
[?] - C:\WINDOWS\TEMP\FB.tmp
[?] - C:\WINDOWS\TEMP\20.tmp
[?] - G:\UtilitairePC\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
[N] - O2 - BHO: (no name) - {70DADED8-5B7C-9840-0880-05A7F23B2B52} - C:\WINDOWS\system32\ukrdoqd.dll (file missing)
[?] - O2 - BHO: (no name) - {D172504F-379F-4AFA-AF58-0BCBE8F4E147} - C:\WINDOWS\system32\fccaaax.dll
[?] - O2 - BHO: (no name) - {D8B00201-0AE3-43B8-AAF8-A962D6795023} - C:\WINDOWS\system32\jkkli.dll
[?] - O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\ruortpuv.dll
[N] - O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
[?] - O4 - HKLM\..\Run: [wlbsvn] c:\windows\system32\wlbsvn.exe wlbsvn
[?] - O4 - HKLM\..\Run: [dxfoea] c:\windows\system32\dxfoea.exe dxfoea
[?] - O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
[X] - O4 - Startup: PowerReg Scheduler.exe
[?] - O23 - Service: Macromedia Updater (mmupdate) - Unknown owner - C:\WINDOWS\TEMP\FB.tmp".exe (file missing)
et telecharge ça et faitun scanne a
http://free.grisoft.com/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free
fixe deja ça
[?] - C:\WINDOWS\TEMP\FB.tmp
[?] - C:\WINDOWS\TEMP\20.tmp
[?] - G:\UtilitairePC\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
[N] - O2 - BHO: (no name) - {70DADED8-5B7C-9840-0880-05A7F23B2B52} - C:\WINDOWS\system32\ukrdoqd.dll (file missing)
[?] - O2 - BHO: (no name) - {D172504F-379F-4AFA-AF58-0BCBE8F4E147} - C:\WINDOWS\system32\fccaaax.dll
[?] - O2 - BHO: (no name) - {D8B00201-0AE3-43B8-AAF8-A962D6795023} - C:\WINDOWS\system32\jkkli.dll
[?] - O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\ruortpuv.dll
[N] - O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
[?] - O4 - HKLM\..\Run: [wlbsvn] c:\windows\system32\wlbsvn.exe wlbsvn
[?] - O4 - HKLM\..\Run: [dxfoea] c:\windows\system32\dxfoea.exe dxfoea
[?] - O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
[X] - O4 - Startup: PowerReg Scheduler.exe
[?] - O23 - Service: Macromedia Updater (mmupdate) - Unknown owner - C:\WINDOWS\TEMP\FB.tmp".exe (file missing)
et telecharge ça et faitun scanne a
http://free.grisoft.com/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free
pas grave,
au fait c'est quoi ta version de spybot?
celle la Spybot - Search & Destroy ou une autre ?
de plus un petit conseil desinstalle les toolbars cela genere beaucoup de merdouilles et fixe ça
O18 - Protocol: bwy0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
au fait c'est quoi ta version de spybot?
celle la Spybot - Search & Destroy ou une autre ?
de plus un petit conseil desinstalle les toolbars cela genere beaucoup de merdouilles et fixe ça
O18 - Protocol: bwy0s - {07B5A2A0-850C-4A17-A987-1E6763BD399E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Tjs en cours mais deja beaucoup d'objets infectés avec des menaces du genre Worm.Zhelatin.d ; Trojan.Small ; Trojan.Nilage.aeh ...
j'en passe et surement des pires...
Je t'informe de la catastrophe a la fin de l'analyse... merci encore du coup de main quelque soit kle resultat final
j'en passe et surement des pires...
Je t'informe de la catastrophe a la fin de l'analyse... merci encore du coup de main quelque soit kle resultat final
Salut Garibax, C'est enfin moi, je t'envoi le rapport de AVG pour avoir ton avis sur l'ampleur du problemee, merci d'avance
---------------------------------------------------------
+ Créé à: 18:40:33 25/02/2007
+ Résultat de l'analyse:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\nCASE -> Adware.180Solutions : Aucune action entreprise.
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Aucune action entreprise.
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0197906.exe -> Adware.BargainBuddy : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\bbchk.exe -> Adware.BargainBuddy : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\chktrust.exe -> Adware.BargainBuddy : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\DelFin -> Adware.Delfin : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\DelFin\PromulGate -> Adware.Delfin : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{962F12AE-2773-4BEB-99EA-B5C3AB9A6606} -> Adware.Generic : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F62A47A7-4CA3-9D00-95A3-6724D43A9E8C} -> Adware.Generic : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\shtjxm.exe -> Adware.NaviPromo : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\wimxgj.exe -> Adware.NaviPromo : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\xfhqyaerv.exe -> Adware.NaviPromo : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0198927.dll -> Adware.PurityScan : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0198934.exe -> Adware.PurityScan : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0199921.exe -> Adware.PurityScan : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201927.dll -> Adware.PurityScan : Aucune action entreprise.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\RX Toolbar -> Adware.RXToolbar : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1277\A0190548.exe -> Adware.SaveNow : Aucune action entreprise.
G:\UtilitairePC\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Aucune action entreprise.
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Aucune action entreprise.
HKLM\SOFTWARE\WhenU -> Adware.SaveNow : Aucune action entreprise.
C:\RECYCLER\S-1-5-18\Dc1\system.dll -> Adware.Softomate : Aucune action entreprise.
C:\RECYCLER\S-1-5-18\Dc2\system.dll -> Adware.Softomate : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0197901.dll -> Adware.Softomate : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192762.dll -> Adware.SpySheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192763.dll -> Adware.SpySheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192764.dll -> Adware.SpySheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192765.dll -> Adware.SpySheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192766.exe -> Adware.Spysheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1285\A0205079.exe -> Adware.Spysheriff : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1246\A0172723.rbf/server.exe -> Backdoor.Optix.Pro.i : Aucune action entreprise.
C:\WINDOWS\Temp\FB.tmp -> Backdoor.Small.oa : Aucune action entreprise.
C:\Program Files\Fichiers communs\Totem Shared\Update\dial.dll.015 -> Dialer.DialerOffline : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207142.exe -> Dialer.GBDialer.i : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GDQRK52F\baby[1].exe -> Downloader.Agent.ip : Aucune action entreprise.
C:\WINDOWS\Temp\1F.tmp -> Downloader.Agent.ip : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193791.exe -> Downloader.CWS.ak : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201939.exe -> Downloader.CWS.ak : Aucune action entreprise.
C:\Program Files\shell32.exe -> Downloader.IstBar.pm : Aucune action entreprise.
C:\WINDOWS\browserxtras\pn\remove.exe -> Downloader.Keenval.f : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0190732.exe -> Downloader.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0190733.exe -> Downloader.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192758.exe -> Downloader.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0197913.exe -> Downloader.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1285\A0205097.exe -> Downloader.Small.awa : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\sdfff -> Downloader.Small.awa : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201944.exe -> Downloader.Small.cqf : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207138.exe -> Downloader.Small.crd : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207139.dll -> Downloader.Small.crd : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\systhb.dll -> Downloader.Small.cyn : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1249\A0175857.exe -> Downloader.Small.dui : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1249\A0175859.exe -> Downloader.Small.dui : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WXE3CHE3\bubu[1].exe -> Downloader.Small.ego : Aucune action entreprise.
C:\WINDOWS\Temp\20.tmp -> Downloader.Small.ego : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1249\A0172789.exe -> Logger.Agent : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1249\A0175858.exe -> Logger.Agent : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0190731.exe -> Logger.Agent : Aucune action entreprise.
C:\WINDOWS\patcher.exe -> Logger.Agent : Aucune action entreprise.
C:\Documents and Settings\Parents\wpcem.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0191749.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192749.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192782.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193782.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193803.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0194803.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0195808.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0197880.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201940.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1284\A0204040.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1233\A0172343.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1233\A0172356.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1233\A0172357.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1233\A0172358.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\rpcc.dll -> Proxy.Dlena.ca : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193815.exe -> Proxy.Small.bt : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1284\A0204039.exe -> Proxy.Small.bt : Aucune action entreprise.
C:\WINDOWS\Temp\kernel.sys -> Rootkit.Agent.dp : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@247realmedia[1].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\main.sys -> Trojan.Agent.ady : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6TWXMPUB\any_file_name[2].exe -> Trojan.Agent.qt : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193816.exe -> Trojan.Agent.ws : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201941.exe -> Trojan.Agent.ws : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GDQRK52F\p[1].exe -> Trojan.LdPinch.bfp : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0190730.exe -> Trojan.Nilage.aeh : Aucune action entreprise.
C:\WINDOWS\widupdate.exe -> Trojan.Nilage.aeh : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0198937.exe -> Trojan.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1283\A0202982.exe -> Trojan.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1284\A0203019.exe -> Trojan.Small : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\wcpsu.exe -> Trojan.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207136.dll -> Worm.Banwarum.f : Aucune action entreprise.
C:\Program Files\wunauclt.exe -> Worm.Padonak.a : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\wunauclt.exe -> Worm.Padonak.a : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1285\A0205096.exe -> Worm.Zhelatin.aa : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\zxczxc -> Worm.Zhelatin.aa : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207140.sys -> Worm.Zhelatin.d : Aucune action entreprise.
Fin du rapport
---------------------------------------------------------
+ Créé à: 18:40:33 25/02/2007
+ Résultat de l'analyse:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\nCASE -> Adware.180Solutions : Aucune action entreprise.
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Aucune action entreprise.
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0197906.exe -> Adware.BargainBuddy : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\bbchk.exe -> Adware.BargainBuddy : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\chktrust.exe -> Adware.BargainBuddy : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\DelFin -> Adware.Delfin : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\DelFin\PromulGate -> Adware.Delfin : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{962F12AE-2773-4BEB-99EA-B5C3AB9A6606} -> Adware.Generic : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F62A47A7-4CA3-9D00-95A3-6724D43A9E8C} -> Adware.Generic : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\shtjxm.exe -> Adware.NaviPromo : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\wimxgj.exe -> Adware.NaviPromo : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\xfhqyaerv.exe -> Adware.NaviPromo : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0198927.dll -> Adware.PurityScan : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0198934.exe -> Adware.PurityScan : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0199921.exe -> Adware.PurityScan : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201927.dll -> Adware.PurityScan : Aucune action entreprise.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Aucune action entreprise.
HKU\S-1-5-21-905303659-784950871-2387590086-1006\Software\RX Toolbar -> Adware.RXToolbar : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1277\A0190548.exe -> Adware.SaveNow : Aucune action entreprise.
G:\UtilitairePC\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Aucune action entreprise.
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Aucune action entreprise.
HKLM\SOFTWARE\WhenU -> Adware.SaveNow : Aucune action entreprise.
C:\RECYCLER\S-1-5-18\Dc1\system.dll -> Adware.Softomate : Aucune action entreprise.
C:\RECYCLER\S-1-5-18\Dc2\system.dll -> Adware.Softomate : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0197901.dll -> Adware.Softomate : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192762.dll -> Adware.SpySheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192763.dll -> Adware.SpySheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192764.dll -> Adware.SpySheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192765.dll -> Adware.SpySheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192766.exe -> Adware.Spysheriff : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1285\A0205079.exe -> Adware.Spysheriff : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1246\A0172723.rbf/server.exe -> Backdoor.Optix.Pro.i : Aucune action entreprise.
C:\WINDOWS\Temp\FB.tmp -> Backdoor.Small.oa : Aucune action entreprise.
C:\Program Files\Fichiers communs\Totem Shared\Update\dial.dll.015 -> Dialer.DialerOffline : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207142.exe -> Dialer.GBDialer.i : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GDQRK52F\baby[1].exe -> Downloader.Agent.ip : Aucune action entreprise.
C:\WINDOWS\Temp\1F.tmp -> Downloader.Agent.ip : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193791.exe -> Downloader.CWS.ak : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201939.exe -> Downloader.CWS.ak : Aucune action entreprise.
C:\Program Files\shell32.exe -> Downloader.IstBar.pm : Aucune action entreprise.
C:\WINDOWS\browserxtras\pn\remove.exe -> Downloader.Keenval.f : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0190732.exe -> Downloader.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0190733.exe -> Downloader.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192758.exe -> Downloader.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0197913.exe -> Downloader.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1285\A0205097.exe -> Downloader.Small.awa : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\sdfff -> Downloader.Small.awa : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201944.exe -> Downloader.Small.cqf : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207138.exe -> Downloader.Small.crd : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207139.dll -> Downloader.Small.crd : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\systhb.dll -> Downloader.Small.cyn : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1249\A0175857.exe -> Downloader.Small.dui : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1249\A0175859.exe -> Downloader.Small.dui : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WXE3CHE3\bubu[1].exe -> Downloader.Small.ego : Aucune action entreprise.
C:\WINDOWS\Temp\20.tmp -> Downloader.Small.ego : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1249\A0172789.exe -> Logger.Agent : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1249\A0175858.exe -> Logger.Agent : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0190731.exe -> Logger.Agent : Aucune action entreprise.
C:\WINDOWS\patcher.exe -> Logger.Agent : Aucune action entreprise.
C:\Documents and Settings\Parents\wpcem.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0191749.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192749.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0192782.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193782.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193803.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0194803.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0195808.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0197880.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201940.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1284\A0204040.exe -> Logger.Agent.pr : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1233\A0172343.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1233\A0172356.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1233\A0172357.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
G:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1233\A0172358.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\rpcc.dll -> Proxy.Dlena.ca : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193815.exe -> Proxy.Small.bt : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1284\A0204039.exe -> Proxy.Small.bt : Aucune action entreprise.
C:\WINDOWS\Temp\kernel.sys -> Rootkit.Agent.dp : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@247realmedia[1].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\main.sys -> Trojan.Agent.ady : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6TWXMPUB\any_file_name[2].exe -> Trojan.Agent.qt : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0193816.exe -> Trojan.Agent.ws : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0201941.exe -> Trojan.Agent.ws : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GDQRK52F\p[1].exe -> Trojan.LdPinch.bfp : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0190730.exe -> Trojan.Nilage.aeh : Aucune action entreprise.
C:\WINDOWS\widupdate.exe -> Trojan.Nilage.aeh : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1282\A0198937.exe -> Trojan.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1283\A0202982.exe -> Trojan.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1284\A0203019.exe -> Trojan.Small : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\wcpsu.exe -> Trojan.Small : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207136.dll -> Worm.Banwarum.f : Aucune action entreprise.
C:\Program Files\wunauclt.exe -> Worm.Padonak.a : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\wunauclt.exe -> Worm.Padonak.a : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1285\A0205096.exe -> Worm.Zhelatin.aa : Aucune action entreprise.
C:\WINDOWS\SYSTEM32\zxczxc -> Worm.Zhelatin.aa : Aucune action entreprise.
C:\System Volume Information\_restore{E76E0855-6E35-4275-83F4-FA20D9EFDF4F}\RP1287\A0207140.sys -> Worm.Zhelatin.d : Aucune action entreprise.
Fin du rapport
Re salut
Suprime toutes les choses qui ont été trouvées.
grandes ou petites infections
Les paroles a odeurs de miel ont souvent le gout de confitures salées (P.chinois)
Suprime toutes les choses qui ont été trouvées.
grandes ou petites infections
Les paroles a odeurs de miel ont souvent le gout de confitures salées (P.chinois)
Ensuite a mon avis change ton antivirus et installe un firewall.
Regarde ci-dessous les outils qui t'intéresse!
Les Indispensables:
Zone de téléchargement:
Scanne en ligne: http://www.bitdefender.fr/scan8/ie.html
et
Scanne en ligne: http://www.inoculer.com/
Zone de téléchargement:
Ad-Aware = antisyware: https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html
AVG = antispyware : http://free.grisoft.com/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free
AVG = antivirus gratuit: https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/24345.html
ZoneAlarm = firewall: https://www.zonealarm.com!427456733!-1062696904!7551!7552!NONE?dc=34std&ctry=FR&lang=fr&lid=nav_za
Ccleaner= optimiser et nettoyer le système: https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Jv16 PowerTools: nettoyer le registre: http://209.85.135.104/search?q=cache:_BojXwFUEbIJ:www.01net.com/windows/Utilitaire/registre/fiches/25433.html+telecharger+jv16+PowerTools&hl=fr&gl=fr&ct=clnk&cd=1
SmitFraudFix: nettoyage du registre et désinfecte : https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/34490.html
4°/Salut
5°/ Tiens moi au courrant.
Les paroles a odeurs de miel ont souvent le gout de confitures salées (P.chinois)
Regarde ci-dessous les outils qui t'intéresse!
Les Indispensables:
Zone de téléchargement:
Scanne en ligne: http://www.bitdefender.fr/scan8/ie.html
et
Scanne en ligne: http://www.inoculer.com/
Zone de téléchargement:
Ad-Aware = antisyware: https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html
AVG = antispyware : http://free.grisoft.com/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free
AVG = antivirus gratuit: https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/24345.html
ZoneAlarm = firewall: https://www.zonealarm.com!427456733!-1062696904!7551!7552!NONE?dc=34std&ctry=FR&lang=fr&lid=nav_za
Ccleaner= optimiser et nettoyer le système: https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Jv16 PowerTools: nettoyer le registre: http://209.85.135.104/search?q=cache:_BojXwFUEbIJ:www.01net.com/windows/Utilitaire/registre/fiches/25433.html+telecharger+jv16+PowerTools&hl=fr&gl=fr&ct=clnk&cd=1
SmitFraudFix: nettoyage du registre et désinfecte : https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/34490.html
4°/Salut
5°/ Tiens moi au courrant.
Les paroles a odeurs de miel ont souvent le gout de confitures salées (P.chinois)
OK Garibrax, je vais utiliser les liens utiles que tu m'a transmis et suivre tes conseils pour un firewall meilleur que celui d'XP, quant a mon antivirus (Mc Afee) vu qu'il a laissé passer la ..., disons le "desagrement" qui m'occupe actuellement (et toi aussi par la même occasion.. merci !!!) je vais peut être opter pour Bitdefender.
En tout état de cause je t'informe des suites ...
Merci encore, @+
En tout état de cause je t'informe des suites ...
Merci encore, @+
Merci