Log Hijak

naruto2706 Messages postés 57 Statut Membre -  
moK´s@ Messages postés 4410 Statut Membre -
bonjour !
voici le rapport d'un pc qui rame vraiment et qui doit être bourré de virus :s quelqu'un peut-il l'analyser svp ?
Logfile of HijackThis v1.99.1
Scan saved at 17:40:34, on 16/05/2007
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\INVENTEL\GATEWAY\WLANCFG.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\WINDOWS\SYSTEM\STCHECK32.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\WRYDONYF.EXE
C:\PROGRAM FILES\WANADOO\TASKBARICON.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\PROGRAM FILES\BACKWEB\BACKWEB\PROGRAM\BWDELAY.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\BUREAU\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7b8093ee-1dd2-11b2-a7d3-8b20a9ba170b} - C:\WINDOWS\SYSTEM\DYBVNRJA.DLL
O2 - BHO: (no name) - {19A04DDB-D96F-7509-3BC1-048AC35C306B} - C:\WINDOWS\SYSTEM\AVRHDMF.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Gateway\wlancfg.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [csysx.exe] csysx.exe
O4 - HKLM\..\Run: [jgtslsnm.exe] C:\WINDOWS\SYSTEM\jgtslsnm.exe
O4 - HKLM\..\Run: [Privacy tools] C:\WINDOWS\SYSTEM\stcheck32.exe
O4 - HKLM\..\Run: [lnhinh.dll] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\lnhinh.dll,hcmlkmf
O4 - HKLM\..\Run: [dkhcporq.exe] C:\WINDOWS\SYSTEM\dkhcporq.exe
O4 - HKLM\..\Run: [wrydonyf.exe] C:\WINDOWS\SYSTEM\wrydonyf.exe
O4 - HKLM\..\Run: [dsxiruba.exe] C:\WINDOWS\SYSTEM\dsxiruba.exe
O4 - HKLM\..\Run: [shcrkrez.exe] C:\WINDOWS\SYSTEM\shcrkrez.exe
O4 - HKLM\..\Run: [tutmvchq.exe] C:\WINDOWS\SYSTEM\tutmvchq.exe
O4 - HKLM\..\Run: [nuvajire.exe] C:\WINDOWS\SYSTEM\nuvajire.exe
O4 - HKLM\..\Run: [hqfibkri.exe] C:\WINDOWS\SYSTEM\hqfibkri.exe
O4 - HKLM\..\Run: [cfyfspij.exe] C:\WINDOWS\SYSTEM\cfyfspij.exe
O4 - HKLM\..\Run: [izodqzer.exe] C:\WINDOWS\SYSTEM\izodqzer.exe
O4 - HKLM\..\Run: [avyzolsz.exe] C:\WINDOWS\SYSTEM\avyzolsz.exe
O4 - HKLM\..\Run: [cjonszmz.exe] C:\WINDOWS\SYSTEM\cjonszmz.exe
O4 - HKLM\..\Run: [ezwdijmv.exe] C:\WINDOWS\SYSTEM\ezwdijmv.exe
O4 - HKLM\..\Run: [ulgtmdal.exe] C:\WINDOWS\SYSTEM\ulgtmdal.exe
O4 - HKLM\..\Run: [avclwhup.exe] C:\WINDOWS\SYSTEM\avclwhup.exe
O4 - HKLM\..\Run: [olejqryn.exe] C:\WINDOWS\SYSTEM\olejqryn.exe
O4 - HKLM\..\Run: [tkxijsfc.exe] C:\WINDOWS\SYSTEM\tkxijsfc.exe
O4 - HKLM\..\Run: [tkpkpgnk.exe] C:\WINDOWS\SYSTEM\tkpkpgnk.exe
O4 - HKLM\..\Run: [jwzcbsdc.exe] C:\WINDOWS\SYSTEM\jwzcbsdc.exe
O4 - HKLM\..\Run: [sjopyxot.exe] C:\WINDOWS\SYSTEM\sjopyxot.exe
O4 - HKLM\..\Run: [axifktaf.exe] C:\WINDOWS\SYSTEM\axifktaf.exe
O4 - HKLM\..\Run: [edwjajqj.exe] C:\WINDOWS\SYSTEM\edwjajqj.exe
O4 - HKLM\..\Run: [jwzkhgjq.exe] C:\WINDOWS\SYSTEM\jwzkhgjq.exe
O4 - HKLM\..\Run: [dchqvuji.exe] C:\WINDOWS\SYSTEM\dchqvuji.exe
O4 - HKLM\..\Run: [qjynypgr.exe] C:\WINDOWS\SYSTEM\qjynypgr.exe
O4 - HKLM\..\Run: [dshehmjo.exe] C:\WINDOWS\SYSTEM\dshehmjo.exe
O4 - HKLM\..\Run: [ghibwxqd.exe] C:\WINDOWS\SYSTEM\ghibwxqd.exe
O4 - HKLM\..\Run: [qpebgjmd.exe] C:\WINDOWS\SYSTEM\qpebgjmd.exe
O4 - HKLM\..\Run: [mbsdwlez.exe] C:\WINDOWS\SYSTEM\mbsdwlez.exe
O4 - HKLM\..\Run: [czyvunof.exe] C:\WINDOWS\SYSTEM\czyvunof.exe
O4 - HKLM\..\Run: [badqvyne.exe] C:\WINDOWS\SYSTEM\badqvyne.exe
O4 - HKLM\..\Run: [jatqlcrk.exe] C:\WINDOWS\SYSTEM\jatqlcrk.exe
O4 - HKLM\..\Run: [nitsjixk.exe] C:\WINDOWS\SYSTEM\nitsjixk.exe
O4 - HKLM\..\Run: [ujwhkjgl.exe] C:\WINDOWS\SYSTEM\ujwhkjgl.exe
O4 - HKLM\..\Run: [efavahsl.exe] C:\WINDOWS\SYSTEM\efavahsl.exe
O4 - HKLM\..\Run: [unmpotkf.exe] C:\WINDOWS\SYSTEM\unmpotkf.exe
O4 - HKLM\..\Run: [xalotcle.exe] C:\WINDOWS\SYSTEM\xalotcle.exe
O4 - HKLM\..\Run: [topavurq.exe] C:\WINDOWS\SYSTEM\topavurq.exe
O4 - HKLM\..\Run: [vmduxwpi.exe] C:\WINDOWS\SYSTEM\vmduxwpi.exe
O4 - HKLM\..\Run: [irsjkdwn.exe] C:\WINDOWS\SYSTEM\irsjkdwn.exe
O4 - HKLM\..\Run: [vyvcpqvc.exe] C:\WINDOWS\SYSTEM\vyvcpqvc.exe
O4 - HKLM\..\Run: [dirkxcvm.exe] C:\WINDOWS\SYSTEM\dirkxcvm.exe
O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
O4 - HKLM\..\Run: [cnapozen.exe] C:\WINDOWS\SYSTEM\cnapozen.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" boot
O4 - HKCU\..\RunServices: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\RunServices: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\RunServices: [LogitechSoftwareUpdate] "C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" boot
O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://my.yahoo.com/
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 85.255.113.115,85.255.112.12
O18 - Protocol: offline-8876480 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL
O21 - SSODL: homina - {df8c3aed-b58e-4bcb-96b3-aa1b7bbdbbd4} - C:\WINDOWS\SYSTEM\oyopu.dll
Configuration: Windows 98
Internet Explorer 6.0

15 réponses

  1. moK´s@ Messages postés 4410 Statut Membre 89
     
    salut,

    oui tu es tres infecté...

    Avec hijackthis cofe les lignes suivantes :

    O4 - HKLM\..\Run: [csysx.exe] csysx.exe
    O4 - HKLM\..\Run: [jgtslsnm.exe] C:\WINDOWS\SYSTEM\jgtslsnm.exe
    C:\O4 - HKLM\..\Run: [Privacy tools] C:\WINDOWS\SYSTEM\stcheck32.exe
    O4 - HKLM\..\Run: [lnhinh.dll] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\lnhinh.dll,hcmlkmf
    O4 - HKLM\..\Run: [dkhcporq.exe] C:\WINDOWS\SYSTEM\dkhcporq.exe
    O4 - HKLM\..\Run: [wrydonyf.exe] C:\WINDOWS\SYSTEM\wrydonyf.exe
    O4 - HKLM\..\Run: [dsxiruba.exe] C:\WINDOWS\SYSTEM\dsxiruba.exe
    O4 - HKLM\..\Run: [shcrkrez.exe] C:\WINDOWS\SYSTEM\shcrkrez.exe
    O4 - HKLM\..\Run: [tutmvchq.exe] C:\WINDOWS\SYSTEM\tutmvchq.exe
    O4 - HKLM\..\Run: [nuvajire.exe] C:\WINDOWS\SYSTEM\nuvajire.exe
    O4 - HKLM\..\Run: [hqfibkri.exe] C:\WINDOWS\SYSTEM\hqfibkri.exe
    O4 - HKLM\..\Run: [cfyfspij.exe] C:\WINDOWS\SYSTEM\cfyfspij.exe
    O4 - HKLM\..\Run: [izodqzer.exe] C:\WINDOWS\SYSTEM\izodqzer.exe
    O4 - HKLM\..\Run: [avyzolsz.exe] C:\WINDOWS\SYSTEM\avyzolsz.exe
    O4 - HKLM\..\Run: [cjonszmz.exe] C:\WINDOWS\SYSTEM\cjonszmz.exe
    O4 - HKLM\..\Run: [ezwdijmv.exe] C:\WINDOWS\SYSTEM\ezwdijmv.exe
    O4 - HKLM\..\Run: [ulgtmdal.exe] C:\WINDOWS\SYSTEM\ulgtmdal.exe
    O4 - HKLM\..\Run: [avclwhup.exe] C:\WINDOWS\SYSTEM\avclwhup.exe
    O4 - HKLM\..\Run: [olejqryn.exe] C:\WINDOWS\SYSTEM\olejqryn.exe
    O4 - HKLM\..\Run: [tkxijsfc.exe] C:\WINDOWS\SYSTEM\tkxijsfc.exe
    O4 - HKLM\..\Run: [tkpkpgnk.exe] C:\WINDOWS\SYSTEM\tkpkpgnk.exe
    O4 - HKLM\..\Run: [jwzcbsdc.exe] C:\WINDOWS\SYSTEM\jwzcbsdc.exe
    O4 - HKLM\..\Run: [sjopyxot.exe] C:\WINDOWS\SYSTEM\sjopyxot.exe
    O4 - HKLM\..\Run: [axifktaf.exe] C:\WINDOWS\SYSTEM\axifktaf.exe
    O4 - HKLM\..\Run: [edwjajqj.exe] C:\WINDOWS\SYSTEM\edwjajqj.exe
    O4 - HKLM\..\Run: [jwzkhgjq.exe] C:\WINDOWS\SYSTEM\jwzkhgjq.exe
    O4 - HKLM\..\Run: [dchqvuji.exe] C:\WINDOWS\SYSTEM\dchqvuji.exe
    O4 - HKLM\..\Run: [qjynypgr.exe] C:\WINDOWS\SYSTEM\qjynypgr.exe
    O4 - HKLM\..\Run: [dshehmjo.exe] C:\WINDOWS\SYSTEM\dshehmjo.exe
    O4 - HKLM\..\Run: [ghibwxqd.exe] C:\WINDOWS\SYSTEM\ghibwxqd.exe
    O4 - HKLM\..\Run: [qpebgjmd.exe] C:\WINDOWS\SYSTEM\qpebgjmd.exe
    O4 - HKLM\..\Run: [mbsdwlez.exe] C:\WINDOWS\SYSTEM\mbsdwlez.exe
    O4 - HKLM\..\Run: [czyvunof.exe] C:\WINDOWS\SYSTEM\czyvunof.exe
    O4 - HKLM\..\Run: [badqvyne.exe] C:\WINDOWS\SYSTEM\badqvyne.exe
    O4 - HKLM\..\Run: [jatqlcrk.exe] C:\WINDOWS\SYSTEM\jatqlcrk.exe
    O4 - HKLM\..\Run: [nitsjixk.exe] C:\WINDOWS\SYSTEM\nitsjixk.exe
    O4 - HKLM\..\Run: [ujwhkjgl.exe] C:\WINDOWS\SYSTEM\ujwhkjgl.exe
    O4 - HKLM\..\Run: [efavahsl.exe] C:\WINDOWS\SYSTEM\efavahsl.exe
    O4 - HKLM\..\Run: [unmpotkf.exe] C:\WINDOWS\SYSTEM\unmpotkf.exe
    O4 - HKLM\..\Run: [xalotcle.exe] C:\WINDOWS\SYSTEM\xalotcle.exe
    O4 - HKLM\..\Run: [topavurq.exe] C:\WINDOWS\SYSTEM\topavurq.exe
    O4 - HKLM\..\Run: [vmduxwpi.exe] C:\WINDOWS\SYSTEM\vmduxwpi.exe
    O4 - HKLM\..\Run: [irsjkdwn.exe] C:\WINDOWS\SYSTEM\irsjkdwn.exe
    O4 - HKLM\..\Run: [vyvcpqvc.exe] C:\WINDOWS\SYSTEM\vyvcpqvc.exe
    O4 - HKLM\..\Run: [dirkxcvm.exe] C:\WINDOWS\SYSTEM\dirkxcvm.exe
    O4 - HKLM\..\Run: [cnapozen.exe] C:\WINDOWS\SYSTEM\cnapozen.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)

    ferme toutes les applications et fixe les lignes si dessus

    2
    Télécharge Pocket KillBox sur ton bureau.
    http://www.downloads.subratam.org/KillBox.exe

    Double-clique sur le fichier Killbox.exe, et coche la case "Delete on reboot".
    copie les lignes ci dessous :
    C:\csysx.exe
    C:\WINDOWS\SYSTEM\jgtslsnm.exe
    C:\WINDOWS\SYSTEM\stcheck32.exe
    C:\WINDOWS\SYSTEM\lnhinh.dll,hcmlkmf
    C:\WINDOWS\SYSTEM\dkhcporq.exe
    C:\WINDOWS\SYSTEM\wrydonyf.exe
    C:\WINDOWS\SYSTEM\wrydonyf.exe
    C:\WINDOWS\SYSTEM\dsxiruba.exe
    C:\WINDOWS\SYSTEM\shcrkrez.exe
    C:\WINDOWS\SYSTEM\tutmvchq.exe
    C:\WINDOWS\SYSTEM\nuvajire.exe
    C:\WINDOWS\SYSTEM\hqfibkri.exe
    C:\WINDOWS\SYSTEM\cfyfspij.exe
    C:\WINDOWS\SYSTEM\izodqzer.exe
    C:\WINDOWS\SYSTEM\avyzolsz.exe
    C:\WINDOWS\SYSTEM\cjonszmz.exe
    C:\WINDOWS\SYSTEM\ezwdijmv.exe
    C:\WINDOWS\SYSTEM\ulgtmdal.exe
    C:\WINDOWS\SYSTEM\avclwhup.exe
    C:\WINDOWS\SYSTEM\olejqryn.exe
    C:\WINDOWS\SYSTEM\tkxijsfc.exe
    C:\WINDOWS\SYSTEM\tkpkpgnk.exe
    C:\WINDOWS\SYSTEM\jwzcbsdc.exe
    C:\WINDOWS\SYSTEM\sjopyxot.exe
    C:\WINDOWS\SYSTEM\axifktaf.exe
    C:\WINDOWS\SYSTEM\edwjajqj.exe
    C:\WINDOWS\SYSTEM\jwzkhgjq.exe
    C:\WINDOWS\SYSTEM\dchqvuji.exe
    C:\WINDOWS\SYSTEM\qjynypgr.exe
    C:\WINDOWS\SYSTEM\dshehmjo.exe
    C:\WINDOWS\SYSTEM\ghibwxqd.exe
    C:\WINDOWS\SYSTEM\qpebgjmd.exe
    C:\WINDOWS\SYSTEM\mbsdwlez.exe
    C:\WINDOWS\SYSTEM\czyvunof.exe
    C:\WINDOWS\SYSTEM\badqvyne.exe
    C:\WINDOWS\SYSTEM\jatqlcrk.exe
    C:\WINDOWS\SYSTEM\nitsjixk.exe
    C:\WINDOWS\SYSTEM\ujwhkjgl.exe
    C:\WINDOWS\SYSTEM\efavahsl.exe
    C:\WINDOWS\SYSTEM\unmpotkf.exe
    C:\WINDOWS\SYSTEM\xalotcle.exe
    C:\WINDOWS\SYSTEM\topavurq.exe
    C:\WINDOWS\SYSTEM\vmduxwpi.exe
    C:\WINDOWS\SYSTEM\irsjkdwn.exe
    C:\WINDOWS\SYSTEM\vyvcpqvc.exe
    C:\WINDOWS\SYSTEM\dirkxcvm.exe
    C:\WINDOWS\SYSTEM\cnapozen.exe

    Sur PocketKillBox --> menu "File" --> "Paste from Clipboard"

    Tu peux vérifier dans le menu déroulant que les fichiers sont bien présent.
    - coche la case "Unregister dll before deleting" (si tu en as la possibilité)
    - clique sur le bouton "All files"
    - clique ensuite sur la croix rouge

    Au deux messages qui vont s'afficher, tu réponds par "YES"
    L'ordinateur doit redémarrer, sinon, fais le toi-même, quoiqu'il arrive.

    2
    remet un log hijackthis en entier cette fois car ton premier log nétait pas complet...

    @ toute.
    0
  2. naruto2706 Messages postés 57 Statut Membre 3
     
    Logfile of HijackThis v1.99.1
    Scan saved at 21:13:51, on 16/05/2007
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\SSDPSRV.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
    C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
    C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
    C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
    C:\WINDOWS\DELAYRUN.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
    C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
    C:\PROGRAM FILES\INVENTEL\GATEWAY\WLANCFG.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\LVCOMSX.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
    C:\WINDOWS\SYSTEM\ZQDOFYXK.EXE
    C:\WINDOWS\RunDLL.exe
    C:\PROGRAM FILES\WANADOO\TASKBARICON.EXE
    C:\WINDOWS\SYSTEM\INTERNAT.EXE
    C:\WINDOWS\BUREAU\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7b8093ee-1dd2-11b2-a7d3-8b20a9ba170b} - C:\WINDOWS\SYSTEM\DYBVNRJA.DLL
    O2 - BHO: (no name) - {19A04DDB-D96F-7509-3BC1-048AC35C306B} - C:\WINDOWS\SYSTEM\AVRHDMF.DLL
    O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Gateway\wlancfg.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
    O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
    O4 - HKLM\..\Run: [zqdofyxk.exe] C:\WINDOWS\SYSTEM\zqdofyxk.exe
    O4 - HKLM\..\Run: [pklgdaxq.exe] C:\WINDOWS\SYSTEM\pklgdaxq.exe
    O4 - HKLM\..\Run: [ypqnsdwt.exe] C:\WINDOWS\SYSTEM\ypqnsdwt.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
    O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" boot
    O4 - HKCU\..\RunServices: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\RunServices: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    O4 - HKCU\..\RunServices: [LogitechSoftwareUpdate] "C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" boot
    O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
    O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
    O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
    O14 - IERESET.INF: START_PAGE_URL=https://my.yahoo.com/
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 85.255.113.115,85.255.112.12
    O18 - Protocol: offline-8876480 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw00 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw00s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw10 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw10s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw20 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw20s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw30 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw30s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw40 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw40s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw50 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw50s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw60 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw60s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw70 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw70s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw80 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw80s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw90 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw90s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwa0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwa0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwb0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwb0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwc0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwc0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwd0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwd0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwe0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwe0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwf0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwf0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwg0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwg0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwh0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwh0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwi0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwi0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwj0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwj0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwk0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwk0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwl0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwl0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwm0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwm0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwn0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwn0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwo0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwo0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwp0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwp0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwq0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwq0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwr0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwr0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bws0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bws0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwt0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwt0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwu0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwu0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwv0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwv0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bww0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bww0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwx0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwx0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwy0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwy0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwz0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwz0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw-0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw-0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw+0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw+0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL
    O21 - SSODL: homina - {df8c3aed-b58e-4bcb-96b3-aa1b7bbdbbd4} - C:\WINDOWS\SYSTEM\oyopu.dll
    0
  3. moK´s@ Messages postés 4410 Statut Membre 89
     
    re,

    1
    toujours avec hijackthis coche et fixe :

    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [pklgdaxq.exe] C:\WINDOWS\SYSTEM\pklgdaxq.exe
    O4 - HKLM\..\Run: [zqdofyxk.exe] C:\WINDOWS\SYSTEM\zqdofyxk.exe
    O4 - HKLM\..\Run: [ypqnsdwt.exe] C:\WINDOWS\SYSTEM\ypqnsdwt.exe
    O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe

    et avec killbox tu fais comme tout a l´heure voici la liste :
    c:\windows\system\hpsysdrv.exe
    C:\WINDOWS\SYSTEM\pklgdaxq.exe
    C:\WINDOWS\SYSTEM\zqdofyxk.exe
    C:\WINDOWS\SYSTEM\ypqnsdwt.exe
    C:\WINDOWS\SYSTEM\ssdpsrv.exe

    2
    Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
    http://www.atribune.org/ccount/click.php?id=4
    * Double-clique VundoFix.exe afin de le lancer
    * Clique sur le bouton Scan for Vundo
    * Lorsque le scan est complété, clique sur le bouton Remove Vundo
    * Une invite te demandera si tu veux supprimer les fichiers, clique YES
    * Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
    * Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

    Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

    * Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse

    pEux tu avant de remettre le log hijackthis renommer ton hijackthis en scan.exe

    @+
    0
  4. naruto2706 Messages postés 57 Statut Membre 3
     
    vundo ne m'a rien trouvé : voici donc le rapport :

    Beginning removal...
    et c'est tout ^^
    voici celui de hijackthis :
    Logfile of HijackThis v1.99.1
    Scan saved at 21:13:51, on 16/05/2007
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\SSDPSRV.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
    C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
    C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
    C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
    C:\WINDOWS\DELAYRUN.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
    C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
    C:\PROGRAM FILES\INVENTEL\GATEWAY\WLANCFG.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\LVCOMSX.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
    C:\WINDOWS\SYSTEM\ZQDOFYXK.EXE
    C:\WINDOWS\RunDLL.exe
    C:\PROGRAM FILES\WANADOO\TASKBARICON.EXE
    C:\WINDOWS\SYSTEM\INTERNAT.EXE
    C:\WINDOWS\BUREAU\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7b8093ee-1dd2-11b2-a7d3-8b20a9ba170b} - C:\WINDOWS\SYSTEM\DYBVNRJA.DLL
    O2 - BHO: (no name) - {19A04DDB-D96F-7509-3BC1-048AC35C306B} - C:\WINDOWS\SYSTEM\AVRHDMF.DLL
    O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Gateway\wlancfg.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
    O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
    O4 - HKLM\..\Run: [zqdofyxk.exe] C:\WINDOWS\SYSTEM\zqdofyxk.exe
    O4 - HKLM\..\Run: [pklgdaxq.exe] C:\WINDOWS\SYSTEM\pklgdaxq.exe
    O4 - HKLM\..\Run: [ypqnsdwt.exe] C:\WINDOWS\SYSTEM\ypqnsdwt.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
    O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" boot
    O4 - HKCU\..\RunServices: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\RunServices: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    O4 - HKCU\..\RunServices: [LogitechSoftwareUpdate] "C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" boot
    O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
    O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
    O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
    O14 - IERESET.INF: START_PAGE_URL=https://my.yahoo.com/
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 85.255.113.115,85.255.112.12
    O18 - Protocol: offline-8876480 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw00 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw00s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw10 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw10s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw20 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw20s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw30 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw30s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw40 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw40s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw50 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw50s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw60 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw60s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw70 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw70s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw80 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw80s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw90 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw90s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwa0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwa0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwb0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwb0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwc0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwc0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwd0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwd0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwe0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwe0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwf0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwf0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwg0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwg0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwh0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwh0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwi0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwi0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwj0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwj0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwk0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwk0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwl0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwl0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwm0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwm0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwn0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwn0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwo0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwo0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwp0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwp0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwq0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwq0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwr0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwr0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bws0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bws0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwt0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwt0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwu0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwu0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwv0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwv0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bww0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bww0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwx0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwx0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwy0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwy0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwz0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwz0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw-0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw-0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw+0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw+0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL
    O21 - SSODL: homina - {df8c3aed-b58e-4bcb-96b3-aa1b7bbdbbd4} - C:\WINDOWS\SYSTEM\oyopu.dll

    par contre je n'ai pas bien compris le truc du rennomage
    0
    1. moK´s@ Messages postés 4410 Statut Membre 89
       
      salut,

      je voudrais que tu renome hijackthis en scan.exe

      pour cela tu click droit sur l´icone hijackthis puis renomer et tu l´appel scan.exe
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. naruto2706 Messages postés 57 Statut Membre 3
     
    Logfile of HijackThis v1.99.1
    Scan saved at 13:16:30, on 17/05/2007
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
    C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
    C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\INVENTEL\GATEWAY\WLANCFG.EXE
    C:\WINDOWS\SYSTEM\LVCOMSX.EXE
    C:\WINDOWS\SYSTEM\JKBGLSDC.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
    C:\PROGRAM FILES\WANADOO\TASKBARICON.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
    C:\WINDOWS\RunDLL.exe
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\INTERNAT.EXE
    C:\PROGRAM FILES\BACKWEB\BACKWEB\PROGRAM\BWDELAY.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\BUREAU\SCAN.EXE.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {19A04DDB-D96F-7509-3BC1-048AC35C306B} - C:\WINDOWS\SYSTEM\AVRHDMF.DLL
    O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
    O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Gateway\wlancfg.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
    O4 - HKLM\..\Run: [jkbglsdc.exe] C:\WINDOWS\SYSTEM\jkbglsdc.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [mpmzwrgn.exe] C:\WINDOWS\SYSTEM\mpmzwrgn.exe
    O4 - HKLM\..\Run: [pczqvmpg.exe] C:\WINDOWS\SYSTEM\pczqvmpg.exe
    O4 - HKLM\..\Run: [zepytiju.exe] C:\WINDOWS\SYSTEM\zepytiju.exe
    O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
    O4 - HKLM\..\Run: [rsvkzypi.exe] C:\WINDOWS\SYSTEM\rsvkzypi.exe
    O4 - HKLM\..\Run: [vufmvale.exe] C:\WINDOWS\SYSTEM\vufmvale.exe
    O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
    O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
    O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" boot
    O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
    O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
    O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
    O14 - IERESET.INF: START_PAGE_URL=https://my.yahoo.com/
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 85.255.113.115,85.255.112.12
    O18 - Protocol: offline-8876480 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw00 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw00s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw10 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw10s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw20 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw20s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw30 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw30s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw40 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw40s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw50 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw50s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw60 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw60s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw70 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw70s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw80 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw80s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw90 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw90s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwa0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwa0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwb0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwb0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwc0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwc0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwd0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwd0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwe0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwe0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwf0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwf0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwg0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwg0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwh0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwh0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwi0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwi0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwj0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwj0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwk0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwk0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwl0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwl0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwm0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwm0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwn0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwn0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwo0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwo0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwp0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwp0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwq0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwq0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwr0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwr0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bws0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bws0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwt0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwt0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwu0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwu0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwv0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwv0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bww0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bww0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwx0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwx0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwy0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwy0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwz0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwz0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw-0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw-0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw+0 - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bw+0s - {A6716895-6ED8-418B-B893-FC5FFA6004FB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL

    0
  7. moK´s@ Messages postés 4410 Statut Membre 89
     
    re,

    bon ok

    avec hijackthis tu coche et fixe toutes les lignes 018

    puis

    - Va dans le Panneau de Configuration >> Ajout/Suppression de programmes, et désinstalle/supprime celui-ci :

    Logitech Desktop Messenger

    explication :

    **Note : ce programme permet la mise à jour automatique des progs "Logitech". En réalité, c'est un prog inutile qui bouffe les ressources et qui "ouvre une porte" qui pourrait être exploitée par des pirates. Je conseille sa désinstallation, mais à toi d'en juger. Les mises à jour de logiciels "Logitech" se font aisément à partir des progs eux-mêmes ( en manuel : tu cliques sur la miniature de ta WebCam près de l’horlroge )), donc pas de soucis de ce côté.

    Pour "backweb-8876480" c'est logitech effectivement.
    -C'est un prog espion qui soit disant d'après eux sert a faire des mises a jour...mais rien n'est prouvé et il semblerait qu'il soit plus espion que programme de mise a jour.
    -Mais il peut aussi se trouver dans d'autres programmes.
    -Le problème majeur étant qu'il provoque une faille de sécurité.

    2
    Télécharge VirtumundoBegone sur le bureau:
    http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

    Double clique ensuite sur VirtumundoBeGone.exe et suis les instructions.
    Une fois terminé, redémarre et poste le rapport VBG.TXT créé sur le bureau dans ta prochaine réponse avec un nouveau rapport HijackThis.
    Ne t'inquiète pas si tu vois un message Ecran bleu "Erreur fatale", c'est normal et attendu.

    3
    desinstale ta version de hijackthis et prends celle la :

    * Télécharge HijackThis et poste le rapport stp

    http://pchelpbordeaux.free.fr/logiciels.html
    Tutorial
    http://pchelpbordeaux.free.fr/tuto.html
    Démo en image
    http://pageperso.aol.fr/balltrap34/demohijack.htm

    Puis colle le rapport virtumondebegone et un nouveau hijackthis

    @+
    0
  8. naruto2706 Messages postés 57 Statut Membre 3
     
    pour le logiciel VBG je peux pas pasue j'ai un millenium et ça marche que sur 2000,XP... je fais quoi ?
    0
  9. moK´s@ Messages postés 4410 Statut Membre 89
     
    bon le fais pas

    Fais ceci

    * Relance Vundofix
    * Ne clique pas sur "Scan for a vundo"
    * Clique droit au milieu de la fenêtre
    * Clique sur Add more files ?
    * Copie/colle les fichiers ci-dessous ( un par case) :

    C:\WINDOWS\SYSTEM\AVRHDMF.DLL

    * Clique sur Add files
    * Ensuite clique sur Close Windows
    * Enfin, clique sur Remove Vundo ( les fichiers précédents doivent apparaitre dans la fenêtre principale)
    * Si l'outils demande un redémarrage, accepte
    * Poste le rapport Vundofix
    0
  10. naruto2706 Messages postés 57 Statut Membre 3
     
    ça reste 30 minutes sur rebooting sans rien changer donc je suis obligé de redemarer manuellement mais ça me marque que "begining removal" donc...
    enfin voila le rapport hijack :
    Logfile of HijackThis v1.99.1
    Scan saved at 14:40:09, on 17/05/2007
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
    C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
    C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\DELAYRUN.EXE
    C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
    C:\WINDOWS\SYSTEM\LVCOMSX.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\WANADOO\TASKBARICON.EXE
    C:\WINDOWS\SYSTEM\ZEPYTIJU.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
    C:\WINDOWS\RunDLL.exe
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\INTERNAT.EXE
    C:\PROGRAM FILES\INVENTEL\GATEWAY\WLANCFG.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\PROGRAM FILES\BACKWEB\BACKWEB\PROGRAM\BWDELAY.EXE
    C:\WINDOWS\BUREAU\SCAN.EXE.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {19A04DDB-D96F-7509-3BC1-048AC35C306B} - C:\WINDOWS\SYSTEM\AVRHDMF.DLL (file missing)
    O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
    O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Gateway\wlancfg.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
    O4 - HKLM\..\Run: [jkbglsdc.exe] C:\WINDOWS\SYSTEM\jkbglsdc.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [mpmzwrgn.exe] C:\WINDOWS\SYSTEM\mpmzwrgn.exe
    O4 - HKLM\..\Run: [pczqvmpg.exe] C:\WINDOWS\SYSTEM\pczqvmpg.exe
    O4 - HKLM\..\Run: [zepytiju.exe] C:\WINDOWS\SYSTEM\zepytiju.exe
    O4 - HKLM\..\Run: [rsvkzypi.exe] C:\WINDOWS\SYSTEM\rsvkzypi.exe
    O4 - HKLM\..\Run: [vufmvale.exe] C:\WINDOWS\SYSTEM\vufmvale.exe
    O4 - HKLM\..\Run: [idifatep.exe] C:\WINDOWS\SYSTEM\idifatep.exe
    O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
    O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
    O4 - HKLM\..\Run: [bwdyvavu.exe] C:\WINDOWS\SYSTEM\bwdyvavu.exe
    O4 - HKLM\..\Run: [aluhingn.exe] C:\WINDOWS\SYSTEM\aluhingn.exe
    O4 - HKLM\..\Run: [qlsnszyb.exe] C:\WINDOWS\SYSTEM\qlsnszyb.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
    O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" boot
    O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
    O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
    O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_07\BIN\SSV.DLL
    O14 - IERESET.INF: START_PAGE_URL=https://my.yahoo.com/
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 85.255.113.115,85.255.112.12
    0
    1. moK´s@ Messages postés 4410 Statut Membre 89
       
      non mais y a du progret on a viré l´infection vundo :D et puis toutes les 018...

      fait ceci :
      1
      ¤ Télécharge Clean
      ----> http://www.malekal.com/download/clean.zip

      Dézippe tout le contenu dans le même dossier. Double clic sur clean ou clean.cmd choisissez l'option 1.
      Un rapport va s'ouvrir, copie et colle le contenu ici


      2
      télécharges smitfraudfix :

      En image :
      http://siri.urz.free.fr/Fix/SmitfraudFix.php

      tu doubles cliques sur smitfraudfix.cmd et tu choisi l option 1
      cela vas générer un rapport.

      Copie/colle le rapport sur le forum stp.



      Redémarre le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) dès le démarrage et tu choisis le mode sans échec)

      - Ouvre le dossier "SmitfraudFix" et double clique sur "Smitfraudfix.cmd", choisit l 'option 2 et tu réponds oui à tout.

      Enregistre le rapport puis Copie/colle le rapport sur le forum stp.

      colle löes 2 rapports ici
      0
  11. naruto2706 Messages postés 57 Statut Membre 3
     
    pour clean ça me donne un format inconnu et il faut que je lui trouve un ogiciel pour l'executer...c'est quoi ?
    je m'en vais je reiens tout à l'heure ++
    0
  12. moK´s@ Messages postés 4410 Statut Membre 89
     
    tu as win rar ou autre chose pour ouvrir les formats compressés???
    0
  13. naruto2706 Messages postés 57 Statut Membre 3
     
    oui ça j'ai mais c'est pour ouvrir le fichier clean.cmd
    0
  14. moK´s@ Messages postés 4410 Statut Membre 89
     
    alors tu le trouve pas?
    0
  15. naruto2706 Messages postés 57 Statut Membre 3
     
    si j'ai trouvé le fichier mais je peux pas l'ouvrir...
    0
  16. moK´s@ Messages postés 4410 Statut Membre 89
     
    bon fais juste smitfraudfix
    0