WIN32 adloader kb

Résolu
annie_bzh Messages postés 22 Statut Membre -  
 LilG -
Bonjour !
Mon ordi est infecté avec WIN32 adloader KB
Voilà mon rapport hijackThis

Logfile of HijackThis v1.99.1
Scan saved at 09:34:47, on 30/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\ZoneAlarm\zlclient.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashChest.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\7-Zip\7zFM.exe
C:\DOCUME~1\ANNIEB~1\LOCALS~1\Temp\7zO75.tmp\TEST.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/fuji/defaults/su/*https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [kriybnbg] c:\windows\system32\kriybnbg.exe kriybnbg
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453972 14
O4 - HKCU\..\Run: [MSMSGS] "c:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Firewall auto setup] C:\DOCUME~1\ANNIEB~1\LOCALS~1\Temp\winlogon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://words29.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://words29.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5085/mcfscan.cab
O18 - Protocol: bw+0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: printers - {6F92FAA7-02FF-47C1-AFAE-A49B3B440496} - libcintles3.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Configuration: Windows XP
Internet Explorer 7.0

35 réponses

  • 1
  • 2
Résumé de la discussion

Une infection présumée par WIN32 Adloader KB est examinée à partir d'un rapport HijackThis détaillant de nombreuses entrées système et des composants potentiellement nuisibles. Plusieurs éléments de réponse évoquent la relance du scan HijackThis, la sélection des éléments à supprimer et la poursuite par un scan AVG en mode normal. Des indications complémentaires recommandent l'analyse des résultats, l’application des actions et le recours à des outils de nettoyage du registre, avec des tutoriels en ligne. En cas de persistance, un nouveau rapport HijackThis et un nouveau scan AVG ont été évoqués, ainsi que des approches pour prévenir d’éventuels réinfections.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. annie_bzh Messages postés 22 Statut Membre
     
    et l'infection n'a pas été détectée avec msn fix
    0
  2. LilG
     
    Bonjour alors,

    Télécharge Msnfix==>http://sosvirus.changelog.fr/MSNFix.zip

    Fait ceci:

    = Clic-Droit sur MSNFix.zip
    = Extraire ici ( ou extraire sans confirmation ou tout ou unzip)
    = Double-Clic sur le dossier MSNfix qui vient de se créer
    = Double-Clic MSNfix ==> Symbole roue dentée
    = Choisir R
    = Choisir ensuite N ( si infection)
    = Enregistrer le rapport
    le copier/coller dans la réponse

    Télécharge Ccleanner==>https://www.luanagames.com/index.fr.html

    Fait ceci:

    Installer ==> Sur la page qui offre plusieurs choix , ne laisser cochés que les 2 premiers :
    « ajouter un raccourci sur le bureau » et « ajouter un raccourci dans le menu démarrer »
    quand le programme est installé double clic sur l'icone ccleaner
    lance le nettoyage
    et lance" corriger les erreurs" dans la séction "erreurs"

    J'attend le rapport msnfix pour continuer.
    Par la suite on va surement néttoyé le registre.
    0
  3. annie_bzh Messages postés 22 Statut Membre
     
    MSN_Fix 1.448

    C:\Documents and Settings\Annie BOUZELOC\Mes documents\Install
    Fix exécuté le 30/07/2007 - 10:04:24,35 By Annie B*******
    mode normal

    ************************ Fichiers suspects

    /!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

    ------------------------------------------------------------------------
    Auteur : !aur3n7 Contact: https://www.aceboard.fr/
    ------------------------------------------------------------------------
    0
  4. LilG
     
    Trés bien

    Télécharge Ccleanner==>https://www.luanagames.com/index.fr.html

    Fait ceci:

    Installer ==> Sur la page qui offre plusieurs choix , ne laisser cochés que les 2 premiers :
    « ajouter un raccourci sur le bureau » et « ajouter un raccourci dans le menu démarrer »
    quand le programme est installé double clic sur l'icone ccleaner
    lance le nettoyage
    et lance" corriger les erreurs" dans la séction "erreurs"

    ----------------------------------------------------------------------

    Télécharge AVG antispyware==>https://www.01net.com/telecharger/

    Fait ceci:

    = Installer
    = Le lancer
    = Clic : Mise à jour
    ------
    = Redémarrer en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
    Attention, pas d’accès à internet dans ce mode. Enregistrer ou imprimer les consignes.

    Relancer le Pc et tapoter la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
    Avec les touches « flèches », sélectionner Mode sans échec ==> entrée ==>nom utilisateur habituel
    -------
    = Dans ANALYSE ( en forme de loupe )
    ==> Paramètres ==> sous COMMENT REAGIR==>clic sur Actions recommandées ==>Quarantaine
    ==> Clic : Analyse complète du système
    En fin de scan ( qui est assez long)
    ==> Clic Appliquer toutes les actions <== ceci Très important
    ==> Clic Sauvegarder rapport puis Enregistrer sous et choisir bureau
    -------
    En mode normal
    Copier/coller le rapport ( qui est sur le bureau) dans la réponse
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. annie_bzh Messages postés 22 Statut Membre
     
    sur ccleaner, il n'y a pas "corriger les erreurs" mais il y a chercher les erreurs (c'et ce que j'ai fait)
    0
  7. annie_bzh Messages postés 22 Statut Membre
     
    dois-je ensuite cliquer sur "reparer les erreurs sélectionnées"?
    0
  8. LilG
     
    Oui c'est sa clic réparer les erreurs et continue avec AVG pour la suite et post le rapport AVG a la fin de l'analyse!

    ps: le scan de AVG est relativement long ne t'inquiéte pas ;)
    0
  9. annie_bzh Messages postés 22 Statut Membre
     
    mon scan AVG c'est coupé (cause batterie portable), au bout d'1H15, il y avait une cinquantaine de cookies traceurs infectés mais c'était pas fini.
    Depuis, j'arrive plus à remettre en mode sans echec
    0
  10. LilG
     
    Ah eh bien tente le scan d'AVG en mode normal poste le rapport je vérifie tout sa dés mon retour

    Bon courage;)
    0
  11. annie_bzh Messages postés 22 Statut Membre
     
    OK bon appétit !
    0
  12. LilG
     
    Merci a toi aussi!
    0
    1. annie_bzh Messages postés 22 Statut Membre
       
      ALLO???
      0
  13. annie_bzh Messages postés 22 Statut Membre
     
    Voilà le rapport AVG : 135 fichiers infectés (malheureux ordi!!!) donc 3 "menaces elevées" et plein de trackingcookie en "niveau moyen"

    C:\WINDOWS\album11.zip/album11.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\album2.zip/album2.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\album47.zip/album47.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\album5.zip/album5.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\album98.zip/album98.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\image014.zip/image014.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\image065.zip/image065.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\image08.zip/image08.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\image080.zip/image080.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\images18.zip/images18.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\images24.zip/images24.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\images36.zip/images36.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\images75.zip/images75.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\images90.zip/images90.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\images93.zip/images93.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\images96.zip/images96.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo42.zip/photo42.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo51.zip/photo51.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo66.zip/photo66.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album28.zip/photo_album28.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album4.zip/photo_album4.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album46.zip/photo_album46.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album52.zip/photo_album52.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album55.zip/photo_album55.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album61.zip/photo_album61.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album73.zip/photo_album73.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album82.zip/photo_album82.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album85.zip/photo_album85.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album88.zip/photo_album88.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photo_album91.zip/photo_album91.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photos2007_1.zip/photos2007_1.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photos2007_19.zip/photos2007_19.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photos2007_37.zip/photos2007_37.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photos2007_43.zip/photos2007_43.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photos2007_64.zip/photos2007_64.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\photos2007_67.zip/photos2007_67.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\WINDOWS\system32\msn.exe -> Backdoor.IRCBot.acd : Aucune action entreprise.
    C:\Documents and Settings\Annie \Local Settings\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\Cache\25A5F6B1d01 -> Downloader.Banload.bej : Aucune action entreprise.
    [204] VM_02C00000 -> Proxy.Small.ck : Aucune action entreprise.
    C:\Documents and Settings\Annie \Cookies\annie_b@247realmedia[2].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@247realmedia[2].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    C:\Documents and Settings\Annie \Cookies\annie_bouzeloc@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
    C:\Documents and Settings\Annie \Cookies\annie_bouzeloc@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@2o7[2].txt -> TrackingCookie.2o7 : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@networksolutions.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@notrefamille.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
    C:\Documents and Settings\Annie \Cookies\annie_b@adrevolver[1].txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
    :mozilla.10:C:\Documents and Settings\Annie \Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
    :mozilla.11:C:\Documents and Settings\Annie \Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
    C:\Documents and Settings\Annie \Cookies\annie_bouzeloc@adtech[2].txt -> TrackingCookie.Adtech : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@adtech[1].txt -> TrackingCookie.Adtech : Aucune action entreprise.
    :mozilla.14:C:\Documents and Settings\Annie \Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
    :mozilla.15:C:\Documents and Settings\Annie \Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
    :mozilla.16:C:\Documents and Settings\Annie \Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
    :mozilla.17:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@advertising[1].txt -> TrackingCookie.Advertising : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@adviva[2].txt -> TrackingCookie.Adviva : Aucune action entreprise.
    :mozilla.42:C:\Documents and Settings\Annie \Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
    :mozilla.12:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_b@bluestreak[1].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_bouzeloc@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@bluestreak[1].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@casalemedia[2].txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_b@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@com[1].txt -> TrackingCookie.Com : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_b@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@dealtime[1].txt -> TrackingCookie.Dealtime : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
    :mozilla.77:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_bouzeloc@estat[1].txt -> TrackingCookie.Estat : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@estat[2].txt -> TrackingCookie.Estat : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@www.etracker[1].txt -> TrackingCookie.Etracker : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@as1.falkag[1].txt -> TrackingCookie.Falkag : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@fastclick[2].txt -> TrackingCookie.Fastclick : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@ehg-citenumerique.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@ehg-cogemag.hitbox[2].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@ehg-quechoisir.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@ehg-yvesrocher.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
    :mozilla.65:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Live : Aucune action entreprise.
    :mozilla.66:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Live : Aucune action entreprise.
    :mozilla.67:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Live : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@search.live[2].txt -> TrackingCookie.Live : Aucune action entreprise.
    :mozilla.127:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Liveperson : Aucune action entreprise.
    :mozilla.128:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Liveperson : Aucune action entreprise.
    :mozilla.13:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@mediaplex[2].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@overture[2].txt -> TrackingCookie.Overture : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_bouzeloc@questionmarket[1].txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@questionmarket[1].txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
    :mozilla.113:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
    :mozilla.81:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_b@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_b@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
    :mozilla.135:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    :mozilla.136:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    :mozilla.137:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_bouzeloc@smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@specificclick[2].txt -> TrackingCookie.Specificclick : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_bouzeloc@statcounter[1].txt -> TrackingCookie.Statcounter : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@statcounter[1].txt -> TrackingCookie.Statcounter : Aucune action entreprise.
    :mozilla.115:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
    C:\Documents and Settings\Annie BOUZELOC\Cookies\annie_b@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@vegasred[2].txt -> TrackingCookie.Vegasred : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@www.vegasred[2].txt -> TrackingCookie.Vegasred : Aucune action entreprise.
    :mozilla.116:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_bouzeloc@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@m.webtrends[2].txt -> TrackingCookie.Webtrends : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
    C:\Documents and Settings\Annie\Cookies\annie_b@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
    :mozilla.46:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
    :mozilla.47:C:\Documents and Settings\Annie\Application Data\Mozilla\Firefox\Profiles\o8ylkgk8.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
    C:\Documents and Settings\Annie BOUZELOC\Cookies\annie_b@zedo[1].txt -> TrackingCookie.Zedo : Aucune action entreprise.
    C:\Documents and Settings\Invité\Cookies\invité@zedo[1].txt -> TrackingCookie.Zedo : Aucune action entreprise.
    0
  14. annie_bzh Messages postés 22 Statut Membre
     
    Pour info : depuis plusieurs heures "avast" ne me dit plus : "vous avez un virus dans votre ordinateur", c'est déjà ça
    0
  15. annie_bzh Messages postés 22 Statut Membre
     
    En attendant que tu reviennes (LilG), j'ai passé Skybot sur mon ordi.
    Verdict : 7 cookies et 3 valeurs de registre.
    Peux-tu me dire ce qu'est une "valeur de registre", s'il te plait ?
    0
  16. LilG
     
    Si tu veut te renseigné sur le ce qu'est le registre==>http://www.clashinfo.com/astuce/regedit/art127-registre-sert.html

    En parlant de registre on va le néttoyer un peu

    Télécharge Regcleanner==>https://www.01net.com/telecharger/

    Suivre les démarches expliqué sur ce tutoriel==>https://www.malekal.com/nettoyer-sa-base-de-registre-avec-windows-registry-cleaner/

    -------------------------------------------------------------------------------------------------------------

    Nouveau rapport Hijack

    Merci de ta patience.

    Refait un scan AVG en mode normal en suivant bien cette démarche:
    = Dans ANALYSE ( en forme de loupe )
    ==> Paramètres ==> sous COMMENT REAGIR==>clic sur Actions recommandées ==>Quarantaine
    ==> Clic : Analyse complète du système
    En fin de scan ( qui est assez long)
    ==> Clic Appliquer toutes les actions <== ceci Très important

    Fait le dés que possible
    0
  17. annie_bzh Messages postés 22 Statut Membre
     
    J'ai téléchargé Regcleanner et mon registre est nettoyé (j'ai suivi le tutoriel)
    0
  18. LilG
     
    Poste un nouveau rapport Hijack pour vérifié si tout est Ok
    0
  19. annie_bzh Messages postés 22 Statut Membre
     
    Là, je refaits un scan AVG (pour le moment, je suis à environ la moitié et j'ai encore 14 objets infectés (malheureux ordi !!! il est bien malade tout ça à cause d'un de mes contact msn qui m'a envoyé une photo zip hier et quand j'ai essayé de l'ouvrir ça à tout contaminé, ce contact msn va se faire gronder la prochaine fois que je le verrais sur msn!!!!!!!!! )
    0
  20. LilG
     
    Ok a tu bien réglé pour mettre en quarrantaine?

    Et a la fin de ton scan il est important que tu clique sur ==>Aplliquer toute les action<== (Pour mettre en quarranteine est néttoyé tout)

    Post quand méme le rapport AVG + Hijack

    Merci
    0
  21. annie_bzh Messages postés 22 Statut Membre
     
    Il suffit de le demander

    Logfile of HijackThis v1.99.1
    Scan saved at 18:50:29, on 30/07/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\sm56hlpr.exe
    C:\Program Files\Power Manager\PM.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\Program Files\ZoneAlarm\zlclient.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\MESSEN~1\Msmsgs.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
    C:\Program Files\Logitech\QuickCam10\COCIManager.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Annie BOUZELOC\Mes documents\Install\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/fuji/defaults/su/*https://fr.yahoo.com/?p=us
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
    O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453972 14
    O4 - HKCU\..\Run: [MSMSGS] "c:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Firewall auto setup] C:\DOCUME~1\ANNIEB~1\LOCALS~1\Temp\winlogon.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://words29.spaces.live.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://words29.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5085/mcfscan.cab
    O18 - Protocol: bw+0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {ECE1A197-C951-49DF-8595-94E1AD766CAE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O21 - SSODL: printers - {6F92FAA7-02FF-47C1-AFAE-A49B3B440496} - libcintles3.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  • 1
  • 2