

Everything posted by 2furious4u2a
Problem with WinFixer 2005
2furious4u2a replied to a topic by 2furious4u2a in Malware analysis and removal
I removed AntiVir. Here is the Spybot report:
(htdjcbmj8f11trnumsqf6bzueku32ars) IconPackager (IconPackager) uninstall cmd: C:\PROGRA~1\OBJECT~1\ICONPA~1\UNWISE.EXE C:\PROGRA~1\OBJECT~1\ICONPA~1\INSTALL.LOG ICQ Lite (ICQLite) uninstall cmd: C:\Program Files\ICQLite\ICQLiteUninstall.EXE (ICW) (IE40) (IE4Data) (IE5BAKEX) (IEData) ImageDrive (Ahead Software) (ImageDrive!UninstallKey) uninstall cmd: C:\WINDOWS\UNIDRV.exe /UNINSTALL (InstallShield Uninstall Information) iTunes 4.6.0.15 (InstallShield_{00FC6799-866E-44A1-A60C-DCF394CF56FD}) version: 67502080 version (major): 4 version (minor): 6 estimated size: 20106 install date: 20040701 install location: C:\Program Files\iTunes\ install source: C:\WINDOWS\Downloaded Installations\{FC99319C-37C5-4AB9-BE11-816CF51F2383}\ uninstall cmd: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{00FC6799-866E-44A1-A60C-DCF394CF56FD} publisher: Apple Computer, Inc. contact: Assistance AppleCare help link: http://www.info.apple.com/frfr/index.html help telephone: 1-800-275-2273 IsoBuster 1.3 1.3 (IsoBuster_is1) uninstall cmd: "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" publisher: Smart Projects Kazaa Lite K++ v2.4.3 2.4.3 (kazaalite202_is1) uninstall cmd: "C:\Program Files\Kazaa Lite K++\unins000.exe" publisher: Kazaa Lite K++ Correctif Windows XP - KB834707 20040929.110854 (KB834707) uninstall cmd: C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=834707 Correctif Windows XP - KB867282 20050127.090417 (KB867282) uninstall cmd: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=867282 Microsoft Data Access Components KB870669 (KB870669) uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=KB870669 Correctif Windows XP - KB873333 20050114.005213 (KB873333) uninstall cmd: 
C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=873333 Correctif Windows XP - KB873339 20041117.092459 (KB873339) uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=873339 Mise à jour de sécurité pour Windows XP (KB883939) 1 (KB883939) install date: 20050616 uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=883939 (KB884016) Correctif Windows XP - KB885250 20050118.202711 (KB885250) uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885250 Correctif Windows XP - KB885835 20041027.181713 (KB885835) uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885835 Correctif Windows XP - KB885836 20041028.173203 (KB885836) uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885836 Correctif Windows XP - KB885884 20040924.025457 (KB885884) uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885884 Correctif Windows XP - KB886185 20041021.090540 (KB886185) uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=886185 Correctif Windows XP - KB887472 20041014.162858 (KB887472) uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887472 Correctif Windows XP - KB887742 20041103.095002 (KB887742) uninstall cmd: 
C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887742 Correctif Windows XP - KB887797 20041018.133824 (KB887797) uninstall cmd: C:\WINDOWS\$NtUninstallKB887797$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887797 Correctif Windows XP - KB888113 20041116.131036 (KB888113) uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888113 Correctif Windows XP - KB888302 20041207.111426 (KB888302) uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888302 Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046) install date: 20050616 uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890046 Correctif Windows XP - KB890047 20041221.124506 (KB890047) uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890047 Correctif Windows XP - KB890175 20041201.233338 (KB890175) uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890175 Correctif Windows XP - KB890859 1 (KB890859) install date: 20050416 uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890859 Correctif Windows XP - KB890923 1 (KB890923) install date: 20050416 uninstall cmd: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890923 Correctif Windows XP - KB891781 20050110.165439 (KB891781) uninstall cmd: 
C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=891781 Correctif Windows XP - KB893066 1 (KB893066) install date: 20050416 uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893066 Correctif Windows XP - KB893086 1 (KB893086) install date: 20050416 uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893086 Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756) install date: 20050813 uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893756 Windows Installer 3.1 (KB893803) 3.1 (KB893803) uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=42467 Windows Installer 3.1 (KB893803) 3.1 (KB893803v2) uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=42467 Mise à jour pour Windows XP (KB894391) 1 (KB894391) install date: 20050813 uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=894391 Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358) install date: 20050616 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896358 Mise à jour de sécurité pour Windows XP (KB896422) 1 (KB896422) install date: 20050616 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896422 Mise à jour de 
sécurité pour Windows XP (KB896423) 1 (KB896423) install date: 20050813 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896423 Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428) install date: 20050616 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896428 Mise à jour pour Windows XP (KB896727) 1 (KB896727) install date: 20050813 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896727 Mise à jour pour Windows XP (KB898461) 1 (KB898461) install date: 20050702 uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=898461 Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587) install date: 20050813 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899587 Mise à jour de sécurité pour Windows XP (KB899588) 1 (KB899588) install date: 20050813 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899588 Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591) install date: 20050813 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899591 Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214) install date: 20050714 uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=901214 Mise à jour de sécurité pour Windows XP (KB903235) 1 (KB903235) install date: 20050714 
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=903235 K-Lite Codec Pack 2.10 Full 2.10 (KLiteCodecPack_is1) uninstall cmd: "C:\Program Files\K-Lite Codec Pack\unins000.exe" LeechFTP (LeechFTP) uninstall cmd: C:\WINDOWS\eraser.exe KILL "C:\Program Files\LeechFTP\uninstall.uif" L&H TTS3000 Français (LHTTSFRF) uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall LiveReg (Symantec Corporation) 2.4.1.2056 (LiveReg) install location: C:\Program Files\Fichiers communs\Symantec Shared\LiveReg uninstall cmd: C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE publisher: Symantec Corporation LiveUpdate 2.6 (Symantec Corporation) 2.6.14.0 (LiveUpdate) install location: C:\Program Files\Symantec\LiveUpdate uninstall cmd: C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U publisher: Symantec Corporation C-Dilla Licence Management System (LMS) uninstall cmd: C:\C_DILLA\setup\cdunin16.exe Logitech Print Service (Logitech Print Service) un -
problem with winfixer 2005
2furious4u2a replied to a topic by 2furious4u2a in Malware analysis and removal
Thank you all for your valuable help. I carried out the steps recommended by charles ingals, except for deleting odbcps.dll, because it was impossible even in safe mode: "in use by another application", which I cannot find. Here is the HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 23:01:21, on 28/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Fichiers communs\Stardock\SDMCP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe
C:\PROGRA~1\GADWIN~1\PRINTS~1\PrintScreen.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: WebBlinds - {4F92B827-1E56-4E30-A978-A17A7861A606} - C:\PROGRA~1\OBJECT~1\WEBBLI~1\webblinds.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSEvents Object - {B8B55274-0F9A-41E5-9067-A3539BD9E860} - C:\WINDOWS\java\classes\odbcps.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [FTP Server] C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\PROGRA~1\GADWIN~1\PRINTS~1\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: MCPClient - C:\Program Files\Fichiers communs\Stardock\mcpstub.dll
O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

For the moment, no problem with the winfixer 2005 install window. Please tell me if there is still anything suspicious on my PC. By the way, FreeGo is just a small program that is very useful to Free subscribers, because it lets us easily control our Freebox. -
problem with winfixer 2005
2furious4u2a replied to a topic by 2furious4u2a in Malware analysis and removal
OK, I have just run your procedure, except that I could not rename the file odbcps.dll because it is in use by another resource, even in safe mode. Here is the HijackThis report before restarting in normal mode:

Logfile of HijackThis v1.99.1
Scan saved at 17:48:15, on 28/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Stardock\SDMCP.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\LVComsX.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: WebBlinds - {4F92B827-1E56-4E30-A978-A17A7861A606} - C:\PROGRA~1\OBJECT~1\WEBBLI~1\webblinds.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSEvents Object - {B8B55274-0F9A-41E5-9067-A3539BD9E860} - C:\WINDOWS\java\classes\odbcps.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [FTP Server] C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NI.UWA5PLP_0001_0721] "C:\WINDOWS\Downloaded Program Files\UWA5PLP_0001_0721NetInstaller.exe"
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\PROGRA~1\GADWIN~1\PRINTS~1\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\Azureus\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [FreeGo] C:\Documents and Settings\Roch\FreeGo.exe
O4 - HKCU\..\Run: [Mwp9Rjcqg] tcpaint.exe
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.searchmeup.com
O20 - Winlogon Notify: MCPClient - C:\Program Files\Fichiers communs\Stardock\mcpstub.dll
O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Now here is the report after starting in normal mode:

Logfile of HijackThis v1.99.1
Scan saved at 17:54:35, on 28/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Fichiers communs\Stardock\SDMCP.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\GADWIN~1\PRINTS~1\PrintScreen.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: WebBlinds - {4F92B827-1E56-4E30-A978-A17A7861A606} - C:\PROGRA~1\OBJECT~1\WEBBLI~1\webblinds.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSEvents Object - {B8B55274-0F9A-41E5-9067-A3539BD9E860} - C:\WINDOWS\java\classes\odbcps.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [FTP Server] C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NI.UWA5PLP_0001_0721] "C:\WINDOWS\Downloaded Program Files\UWA5PLP_0001_0721NetInstaller.exe"
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\PROGRA~1\GADWIN~1\PRINTS~1\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\Azureus\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [FreeGo] C:\Documents and Settings\Roch\FreeGo.exe
O4 - HKCU\..\Run: [Mwp9Rjcqg] tcpaint.exe
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.searchmeup.com
O20 - Winlogon Notify: MCPClient - C:\Program Files\Fichiers communs\Stardock\mcpstub.dll
O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

There, what should I do now? -
problem with winfixer 2005
2furious4u2a replied to a topic by 2furious4u2a in Malware analysis and removal
... edited by ipl_001: there is no need for you to reproduce my message, I have read it! LOL There are 2 "Reply" buttons; normally, use the one between "Flash" and "Options".

Thanks a lot, ipl 001. I'll try that and post my new report right after. Finally, a forum where you find friendly and competent people to help computing newbies.
-
Hello everyone, like some of you I have a problem with winfixer and I can't get rid of it. I installed antivir and ran it in safe mode, then, as indicated in another post, I ran and saved the following report:

Logfile of HijackThis v1.99.1
Scan saved at 12:22:18, on 28/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Roch\Mes documents\Web download\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: 213.219.251.78 www.google.com
O1 - Hosts: 213.219.251.78 google.com
O1 - Hosts: 213.219.251.78 www.google.co.uk
O1 - Hosts: 213.219.251.78 google.co.uk
O1 - Hosts: 213.219.251.78 www.google.ca
O1 - Hosts: 213.219.251.78 google.ca
O1 - Hosts: 213.219.251.78 www.google.es
O1 - Hosts: 213.219.251.78 google.es
O1 - Hosts: 213.219.251.78 www.google.de
O1 - Hosts: 213.219.251.78 google.de
O1 - Hosts: 213.219.251.78 www.google.fr
O1 - Hosts: 213.219.251.78 google.fr
O1 - Hosts: 213.219.251.78 www.google.com.au
O1 - Hosts: 213.219.251.78 google.com.au
O1 - Hosts: 213.219.251.79 www.yahoo.com
O1 - Hosts: 213.219.251.79 yahoo.com
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 213.219.251.80 www.msn.com
O1 - Hosts: 213.219.251.80 msn.com
O1 - Hosts: 213.219.251.80 search.msn.com
O1 - Hosts: 213.219.251.80 www.search.msn.com
O1 - Hosts: 213.219.251.80 go.com
O1 - Hosts: 213.219.251.80 www.go.com
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
O2 - BHO: WebBlinds - {4F92B827-1E56-4E30-A978-A17A7861A606} - C:\PROGRA~1\OBJECT~1\WEBBLI~1\webblinds.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSEvents Object - {B8B55274-0F9A-41E5-9067-A3539BD9E860} - C:\WINDOWS\java\classes\odbcps.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: C:\WINDOWS\system32\ssf.dll - {CA31B41F-1B7D-42D2-A4D3-BC4A13341124} - C:\WINDOWS\system32\ssf.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\Run: [Yjzwibew] C:\Program Files\Ygctl\Yamgc.exe
O4 - HKLM\..\Run: [FTP Server] C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe
O4 - HKLM\..\Run: [JVM0.14] C:\WINDOWS\system32\lnmqt.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [NI.UWFX5LP_0001_0614] "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWFX5LP_0001_0614NetInstaller.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_med_nostra.exe
O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.browserplugin.com/eroticAccess/...01@medicvin.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc...e/bridge-c5.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {9B4AA442-9EBF-11D5-8C11-0050DA4957F5} - http://www.xs4all.nl/~kuhljf/nl.exe
O16 - DPF: {BF3CD111-6278-11D2-9EA3-00A0C9251384} (O2C-Player Version 1.x) - http://www.o2c.de/download/O2CPlayer.CAB
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp07.photoprintit.de/microsite/572...geUploader3.cab
O18 - Protocol: bw+0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: MCPClient - C:\Program Files\Fichiers communs\Stardock\mcpstub.dll
O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

I then rebooted in normal mode but I am still infected by winfixer 2005. Thanks for your help, hoping someone finds a solution to my problem.