[ Windows XP ] Fond d'écran bloqué
Fermé
AnTi-VIP
-
14 mai 2008 à 00:37
AnTi-ViP Messages postés 76 Date d'inscription jeudi 15 mai 2008 Statut Membre Dernière intervention 2 février 2020 - 15 juin 2008 à 20:23
AnTi-ViP Messages postés 76 Date d'inscription jeudi 15 mai 2008 Statut Membre Dernière intervention 2 février 2020 - 15 juin 2008 à 20:23
A voir également:
- [ Windows XP ] Fond d'écran bloqué
- Double ecran - Guide
- Cle windows xp - Guide
- Retourner ecran windows - Guide
- Telecharger windows xp - Télécharger - Systèmes d'exploitation
- Windows update bloqué - Guide
49 réponses
hamagil
Messages postés
5458
Date d'inscription
lundi 23 avril 2007
Statut
Membre
Dernière intervention
6 janvier 2018
723
25 mai 2008 à 03:40
25 mai 2008 à 03:40
tu dois aller dans le registre pour suprimer ca : [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LSA Shellu"=-
mais si tu a fais un SDFix , et que "C:\Documents and Settings\Misslin\lsass.exe" , a ete suprimer ca devrais aller , car la clee de registre y faisais reference
pour acceder a la base de registre , tu fais : demmarer , executer , et tu tape "regedit"
ensuite tu fais defiler l'arborescence jusqua arriver a la clee nommee au dessus
avant de modifier la base de registre , il est preferable de la sauvegarder , normalement quand tu a installer Spybot , il ta proposer de faire une sauvegarde de la "base de registre"
sinon , une fois que tu est sur la fenetre "regedit" , tu clique sur : fichier , exporter , et la tu trouve un emplacement ou sauvegarder la "base de registre"
pour ce qui est de suprimer ce qui ce trouve dans C/WINDOWS/system32
je te disais d'aller dans ce dossier pour suprimer le cheval de troie q'avast ta trouver et que tu arrive pas a mettre en quarantaine
tu fais : post de travail , disque"C" , windows , systeme32 , et tu suprime ce q'avast arrive pas a mettre en quarantaine ( le nom qu'avast te donne pour le cheval de troie )
maintanant que SDFix a reussis a suprimer "C:\Documents and Settings\Misslin\lsass.exe" reposte un log hijack , comme ca je te dirais si tu est plus infecte ( normalement non ),et je te dirais quelles lignes tu dois delete ( les no name )
tu reactiveras la restau systeme apres avoir poste les log hijack , et quand tu auras "fixer" les lignes qui reste a enlever , et apres avoir fais un nettoyage du PC avec CCLEANER ( si ton PC est plus infecte )
lien CCLEANER : http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
"LSA Shellu"=-
mais si tu a fais un SDFix , et que "C:\Documents and Settings\Misslin\lsass.exe" , a ete suprimer ca devrais aller , car la clee de registre y faisais reference
pour acceder a la base de registre , tu fais : demmarer , executer , et tu tape "regedit"
ensuite tu fais defiler l'arborescence jusqua arriver a la clee nommee au dessus
avant de modifier la base de registre , il est preferable de la sauvegarder , normalement quand tu a installer Spybot , il ta proposer de faire une sauvegarde de la "base de registre"
sinon , une fois que tu est sur la fenetre "regedit" , tu clique sur : fichier , exporter , et la tu trouve un emplacement ou sauvegarder la "base de registre"
pour ce qui est de suprimer ce qui ce trouve dans C/WINDOWS/system32
je te disais d'aller dans ce dossier pour suprimer le cheval de troie q'avast ta trouver et que tu arrive pas a mettre en quarantaine
tu fais : post de travail , disque"C" , windows , systeme32 , et tu suprime ce q'avast arrive pas a mettre en quarantaine ( le nom qu'avast te donne pour le cheval de troie )
maintanant que SDFix a reussis a suprimer "C:\Documents and Settings\Misslin\lsass.exe" reposte un log hijack , comme ca je te dirais si tu est plus infecte ( normalement non ),et je te dirais quelles lignes tu dois delete ( les no name )
tu reactiveras la restau systeme apres avoir poste les log hijack , et quand tu auras "fixer" les lignes qui reste a enlever , et apres avoir fais un nettoyage du PC avec CCLEANER ( si ton PC est plus infecte )
lien CCLEANER : http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
AnTi-ViP
Messages postés
76
Date d'inscription
jeudi 15 mai 2008
Statut
Membre
Dernière intervention
2 février 2020
13
25 mai 2008 à 11:24
25 mai 2008 à 11:24
J'ai sauvegarder le registre avant de supprimer à la main ( pas en mode sans échec ) la clée :
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LSA Shellu"=-
Pour le cheval de troie, j'ai regardé l'historique des avertissement dans avast, et bizarement toutes les alertes sont cyclique, elles reviennent exactement toutes les heures à la secondes près. Par contre ça vient casiment à chaque fois d'un autre fichier :S ( je peux t'envoyer un screen par mp )
Le dossier system32 étant bourré de fichiers je sais pas lesquels supprimer dans les avertissement y'en à au moins 30 différents à supprimer.
J'vais faire un scan hijack.
++
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LSA Shellu"=-
Pour le cheval de troie, j'ai regardé l'historique des avertissement dans avast, et bizarement toutes les alertes sont cyclique, elles reviennent exactement toutes les heures à la secondes près. Par contre ça vient casiment à chaque fois d'un autre fichier :S ( je peux t'envoyer un screen par mp )
Le dossier system32 étant bourré de fichiers je sais pas lesquels supprimer dans les avertissement y'en à au moins 30 différents à supprimer.
J'vais faire un scan hijack.
++
AnTi-ViP
Messages postés
76
Date d'inscription
jeudi 15 mai 2008
Statut
Membre
Dernière intervention
2 février 2020
13
25 mai 2008 à 11:27
25 mai 2008 à 11:27
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:55, on 25/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINDOWS\system32\CAPRPCSK.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\Misslin\lsass.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {18556B3C-5D66-442C-AA76-F7D98538C38B} - C:\WINDOWS\system32\iifgHwvU.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7F787FCB-B1E6-48DB-8304-7671DEB43A1E} - (no file)
O2 - BHO: (no name) - {8691F860-96E4-4FB3-8D35-531C0D1B0AC1} - C:\WINDOWS\system32\hgGxUMET.dll
O2 - BHO: (no name) - {B6F2DD05-DF86-48BE-81A0-527ED89FD065} - C:\WINDOWS\system32\yayvVoOG.dll (file missing)
O2 - BHO: (no name) - {E351372B-3024-463F-A6BF-E8042563C912} - (no file)
O2 - BHO: (no name) - {F3230736-6A06-4869-AFEA-9884CC361498} - (no file)
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [CAPON] C:\WINDOWS\System32\Spool\Drivers\w32x86\3\CAPONN.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Misslin\lsass.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jnwnw64r.exe
O4 - Global Startup: Fenêtre d'état Canon LBP-800.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: hgGxUMET - C:\WINDOWS\SYSTEM32\hgGxUMET.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
Scan saved at 11:25:55, on 25/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINDOWS\system32\CAPRPCSK.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\Misslin\lsass.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {18556B3C-5D66-442C-AA76-F7D98538C38B} - C:\WINDOWS\system32\iifgHwvU.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7F787FCB-B1E6-48DB-8304-7671DEB43A1E} - (no file)
O2 - BHO: (no name) - {8691F860-96E4-4FB3-8D35-531C0D1B0AC1} - C:\WINDOWS\system32\hgGxUMET.dll
O2 - BHO: (no name) - {B6F2DD05-DF86-48BE-81A0-527ED89FD065} - C:\WINDOWS\system32\yayvVoOG.dll (file missing)
O2 - BHO: (no name) - {E351372B-3024-463F-A6BF-E8042563C912} - (no file)
O2 - BHO: (no name) - {F3230736-6A06-4869-AFEA-9884CC361498} - (no file)
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [CAPON] C:\WINDOWS\System32\Spool\Drivers\w32x86\3\CAPONN.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Misslin\lsass.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jnwnw64r.exe
O4 - Global Startup: Fenêtre d'état Canon LBP-800.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1C18D14A-1DD1-4728-95D2-0CC0E1661A54} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: hgGxUMET - C:\WINDOWS\SYSTEM32\hgGxUMET.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
AnTi-ViP
Messages postés
76
Date d'inscription
jeudi 15 mai 2008
Statut
Membre
Dernière intervention
2 février 2020
13
25 mai 2008 à 11:37
25 mai 2008 à 11:37
Comme je t'avais dis dans mon post plus tôt ce matin, les alertes sont cycliques. Ce matin j'ai allumé mon pc à 10h30, message d'avast 'un cheval de Troie à été trouvé', à 11h30 le même message. je compare et ce sont pas les même fichiers.
A 10h30 c'étais : fccbXnOE.dll
A 11h30 c'étais : jkkJcYPI.dll
Toutes les alertes précedentes venait aussi de fichier .dll
___________________________________
Edit : en fait dans le dossier system32 il y'a plein de fichier dll, et je pense que le cheval de troie est composé de tous ses fichiers. J'aurai donc ce messages jusqu'à que tous les fichiers qu'il le compose soit delet.
Il faut donc delet tous les fichiers dll à la main non ?
______________________________________
Edit 2 : J'ai selectionné le nombre de fichiesr dll, il y'en à environ 1000
J'attends tes réponses pour continuer.+
A 10h30 c'étais : fccbXnOE.dll
A 11h30 c'étais : jkkJcYPI.dll
Toutes les alertes précedentes venait aussi de fichier .dll
___________________________________
Edit : en fait dans le dossier system32 il y'a plein de fichier dll, et je pense que le cheval de troie est composé de tous ses fichiers. J'aurai donc ce messages jusqu'à que tous les fichiers qu'il le compose soit delet.
Il faut donc delet tous les fichiers dll à la main non ?
______________________________________
Edit 2 : J'ai selectionné le nombre de fichiesr dll, il y'en à environ 1000
J'attends tes réponses pour continuer.+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
AnTi-ViP
Messages postés
76
Date d'inscription
jeudi 15 mai 2008
Statut
Membre
Dernière intervention
2 février 2020
13
12 juin 2008 à 23:43
12 juin 2008 à 23:43
PC formaté, problème résolu
Merci à hamagil pour toute son aide apporté.
Commen fait-on pour faire passer le topic en Problème résolu ?
Merci à hamagil pour toute son aide apporté.
Commen fait-on pour faire passer le topic en Problème résolu ?
hamagil
Messages postés
5458
Date d'inscription
lundi 23 avril 2007
Statut
Membre
Dernière intervention
6 janvier 2018
723
13 juin 2008 à 09:17
13 juin 2008 à 09:17
en premiere page , a droite eu dessus de ton 1er post ( ta demmande d'aide ) , tu coche resolus et tu applique
si tu a un probleme , hesite pas a me contacter
si tu a un probleme , hesite pas a me contacter
AnTi-ViP
Messages postés
76
Date d'inscription
jeudi 15 mai 2008
Statut
Membre
Dernière intervention
2 février 2020
13
13 juin 2008 à 11:49
13 juin 2008 à 11:49
Je vois pas ou cocher xD
hamagil
Messages postés
5458
Date d'inscription
lundi 23 avril 2007
Statut
Membre
Dernière intervention
6 janvier 2018
723
14 juin 2008 à 21:30
14 juin 2008 à 21:30
tu vois pas ou cocher , car tu etais pas inscrit sur le site quand tu a poste ta demmande d'aide
il faut etre inscrit pour pouvoir passer le sujet en resolus
sinon , quand c'est possible , il y a une case " probleme resolus" a cocher au dessus du titre , en 1ere page ( dans un cadre jaune )
il faut etre inscrit pour pouvoir passer le sujet en resolus
sinon , quand c'est possible , il y a une case " probleme resolus" a cocher au dessus du titre , en 1ere page ( dans un cadre jaune )
AnTi-ViP
Messages postés
76
Date d'inscription
jeudi 15 mai 2008
Statut
Membre
Dernière intervention
2 février 2020
13
15 juin 2008 à 20:23
15 juin 2008 à 20:23
Ok tant pi
si un modo passe par la qu'il change le topic en topic résolu
voila merci +++
si un modo passe par la qu'il change le topic en topic résolu
voila merci +++