Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

gros ralentissement

tio

Par tio
dans Analyses et éradication malwares

 Partager

Messages recommandés

tio Junior Member

tio

Posté(e)
Posté(e) (modifié)

bonsoir, je suis abonné au neuf de telecom et j'ai un forfait au debit hors j'ai l'impression que c'est pas le cas, je vous de une analyse de mon pc pour voir s'il n'est pas infecté;je vous en remercie d'avance

Logfile of HijackThis v1.99.1

Scan saved at 22:14:12, on 19/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe

C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g\WlanUtl.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\DOCUME~1\Thio\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7FE56E8F-C644-469D-884F-B99221B52DAD}: NameServer = 86.64.145.146 84.103.237.146

O18 - Protocol: bw+0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Modifié par tio

regis56 Godlike Member

regis56

Posté(e)
Posté(e) (modifié)

Bonsoir tio et bienvenue sur le forum zeb-sécu !

 

Ton rapport montre des signes d'infections !

 

Commence par suivre ce tuto

 

Quelques liens pour t'aider à commencer dans l'utilisation de ce forum :

 

* Comment participer à un forum

http://forum.zebulon.fr/index.php?showtopic=98948

* retrouver ses messages et activer la notification par email

http://forum.zebulon.fr/index.php?showtopic=100593

 

Peux tu préciser quels sont les symptômes ou les disfonctionnements que tu rencontres ? Quel est l'outil qui te détecte ton infection ? Enfin, commence par appliquer cette procédure préliminaire. Un membre de l'Espace sécurité, un junior ou moi-même s'occupera alors de toi :

 

J'attire ton attention sur le paramétrage d'Antivir qui est important, et sur le placement de Hijackthis.exe. Dans ton cas, ne retélécharge pas Hijackthis, mais déplace le, comme indiqué en fin de procédure, ne le laisse pas dans un dossier temporaire.

 

Phase 1

 

* Faire un copier/coller de ces instructions dans un fichier texte car la seconde partie de cette procédure va être effectuée en mode sans échec et donc, hors connexion.

* Télécharger Antivir

http://www.free-av.com/

* Installer Antivir : Il est impératif de le configurer correctement afin de faire le meilleur scan possible ,

voir la procédure suivante (imprimez la) => Tutoriel de tesgaz

http://speedweb1.free.fr/frames2.php?page=tuto5

* Allez jusqu'à l'étape: Configuration du tutoriel de tesgaz, dans ce paragraphe , seule la partie suivante nous interesse:Configuration du scanner et ses sous parties : "action on malware" - "Heuristic" - "Archives" .Note: il est inutile de configurer la fonction "Guard" décrite dans la partie "Configuration Guard".

* Si l'utilisateur désire conserver Antivir une fois la procédure de prénettoyage terminée(parce qu'il n'a pas d'antivirus par exemple) , il devra suivre le tutoriel en entier pour pouvoir bénéficier de la protection résidente !

 

PRECISIONS IMPORTANTES: le choix d'Antivir comme antivirus à utiliser dans le cadre de cette procédure, a reposé sur les critères suivants :

- failles de votre antivirus qui a laissé passer des malwares

- Antivir peut-être installé et désinstallé facilement

- Antivir est reconnu pour son efficacité en mode sans échec

- le tutorial de tesgaz permet de le paramétrer sans problème.

 

* Télécharger la dernière version d'HijackThis

http://www.merijn.org/files/hijackthis.zip

 

OU LA( en cas d'indisponibilité !)

http://telechargement.zebulon.fr/138-hijackthis-1991.html

 

Phase 2

 

* Redémarrer le PC, impérativement en mode sans échec, (n'ayant pas accès à Internet, vous avez préalablement copié ces instructions dans un fichier texte)

* Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows. Sélectionner "Mode sans échec" et appuyer sur [Entrée].

NB : en cas de problème pour sélectionner le mode sans échec, appliquer la procédure de Symantec=>

Comment démarrer l'ordinateur en mode sans échec

http://service1.symantec.com/support/inter...020905112131924

* A l'ouverture de session, choisir la session courante et non celle de l'administrateur

* Afficher tous les fichiers par cette modification des options de l'explorateur Windows : Menu "Outils", "Option des dossiers", onglet "Affichage"=>

 

-Activer la case : "Afficher les fichiers et dossiers cachés"

-Désactiver la case : "Masquer les extensions des fichiers dont le type est connu"

-Désactiver la case : "Masquer les fichiers protégés du système d'exploitation"

-Puis, cliquer sur "Appliquer".

 

Maintenant, vous avez accès à tous les fichiers et dossiers du système d'exploitation.

 

Phase 3

 

* Nettoyage rapide du disque dur : Démarrer / Exécuter / taper CleanMgr et valider

* Cette fonction cleanmgr génére parfois un bug sous système Windows 2000, effectuer dans ce cas un nettoyage manuel, comme indiqué ci-dessous.

Utilisateurs XP, assurez vous également de faire ceci => suppression de tous les fichiers contenus dans les dossiers=>

-C:\TEMP

-C:\WINDOWS\TEMP

-C:\Documents And Settings\Session utilisateur\Local Settings\Temp

-C:\Documents And Settings\Session utilisateur\Local Settings\Temporary internet files

-Vider la corbeille

 

* Recherche et élimination des parasites avec Antivir=>

lancer un scan complet du, ou des disques dur, et supprimer tous les fichiers infectés (s'ils existent)

Sauvegarder le rapport!

* Désinstallation d'Antivir(pour ceux qui ne souhaitent pas conserver le logiciel)=> terminer les processus suivants dans le gestionnaire des tâches (faire Ctrl+Alt+Suppr pour ouvrir la fenêtre puis cliquer sur l'onglet Processus) : AVGUARD.EXE - AVSCHED.EXE - AVWUPSRV.EXE et AVGNT.EXE puis, désinstaller Antivir dans ajout/suppression de programmes (vous pourrez le réinstaller ensuite si vous souhaitez le conserver en lieu et place de votre antivirus résident qu'il conviendra dans ce cas de désinstaller proprement, surtout s'il s'agit de Norton).

 

* Redémarrer le PC en mode normal

 

* Installation et utilisation d'HijackThis=>

* Créer un nouveau dossier à la racine de C:\Program Files\HijackThis (double clic sur poste de travail/double clic sur l'icone de C/double clic sur le répertoire Program Files/clic droit dans la fenêtre, choisir nouveau dossier et le nommer HijackThis); dézipper le programme précédemment téléchargé lors de la phase 1 dans ce nouveau dossier HijackThis.

Renommer Hijackthis.exe en [votre pseudo sur zebulon].exe (ne pas insérer d'espace, ponctuation ou de caractères accentués dans le nom); créer un raccourci sur le bureau.

Important: surtout, ne pas créer ce dossier HijackThis dans un répertoire temporaire

* Arrêter tous les programmes en cours et fermer toutes les fenêtres

* Lancer HijackThis à l'aide du raccourci et cliquer sur le bouton "Do a system scan and save a logfile"

* Le rapport HijackThis (fichier log) va être enregistré dans C:\Program Files\HijackThis (penser à ajouter un chiffre à la suite du nom du rapport si vous voulez conserver un historique de vos rapports ex : HijackThis 1, HijackThis 2...)

 

NB : en cas de problème, appliquer le Tutorial de BipBip avec copies d'écran.

http://sitethemacs.free.fr/aide_enregistre...e_hijackthi.htm

 

Phase 4

 

- Ouvrir le rapport HijackThis précédemment sauvegardé et faire : Ctrl-A, Ctrl-C puis, le coller (Ctrl-V) dans un nouveau post (mais dans ce sujet ) que vous créez sur le forum Analyse rapports HijackThis, Eradication malwares de manière à ce que nous vous disions ce qu'il faut faire. Puis faire de même avec le rapport antivir.

- Attendre l'analyse et la réponse.

Auteur : Megataupe / nouveau canned par Charles Ingals

 

Je te demanderais d'ajouter aux deux rapports déjà demandés celui-ci :

-Exécute Hijackthis

 

* Clique sur Open the misc tools sections

* Clique sur Open uninstall Manager

* Clique sur Save list

 

-Enregistre le fichier > Une fenêtre du bloc-notes va s'ouvrir, copie-colle le contenu dans ton prochain post.

 

A bientôt.

Modifié par regis56
tio Junior Member

tio

Posté(e)
  • Auteur
Posté(e)

Bonsoir tio et bienvenue sur le forum zeb-sécu !

 

Ton rapport montre des signes d'infections !

 

Commence par suivre ce tuto

 

Quelques liens pour t'aider à commencer dans l'utilisation de ce forum :

 

* Comment participer à un forum

http://forum.zebulon.fr/index.php?showtopic=98948

* retrouver ses messages et activer la notification par email

http://forum.zebulon.fr/index.php?showtopic=100593

 

Peux tu préciser quels sont les symptômes ou les disfonctionnements que tu rencontres ? Quel est l'outil qui te détecte ton infection ? Enfin, commence par appliquer cette procédure préliminaire. Un membre de l'Espace sécurité, un junior ou moi-même s'occupera alors de toi :

 

J'attire ton attention sur le paramétrage d'Antivir qui est important, et sur le placement de Hijackthis.exe. Dans ton cas, ne retélécharge pas Hijackthis, mais déplace le, comme indiqué en fin de procédure, ne le laisse pas dans un dossier temporaire.

* Télécharger la dernière version d'HijackThis

http://www.merijn.org/files/hijackthis.zip

 

OU LA( en cas d'indisponibilité !)

http://telechargement.zebulon.fr/138-hijackthis-1991.html

 

Phase 2

 

* Redémarrer le PC, impérativement en mode sans échec, (n'ayant pas accès à Internet, vous avez préalablement copié ces instructions dans un fichier texte)

* Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows. Sélectionner "Mode sans échec" et appuyer sur [Entrée].

NB : en cas de problème pour sélectionner le mode sans échec, appliquer la procédure de Symantec=>

Comment démarrer l'ordinateur en mode sans échec

http://service1.symantec.com/support/inter...020905112131924

* A l'ouverture de session, choisir la session courante et non celle de l'administrateur

* Afficher tous les fichiers par cette modification des options de l'explorateur Windows : Menu "Outils", "Option des dossiers", onglet "Affichage"=>

 

-Activer la case : "Afficher les fichiers et dossiers cachés"

-Désactiver la case : "Masquer les extensions des fichiers dont le type est connu"

-Désactiver la case : "Masquer les fichiers protégés du système d'exploitation"

-Puis, cliquer sur "Appliquer".

 

Maintenant, vous avez accès à tous les fichiers et dossiers du système d'exploitation.

 

Phase 3

 

* Nettoyage rapide du disque dur : Démarrer / Exécuter / taper CleanMgr et valider

* Cette fonction cleanmgr génére parfois un bug sous système Windows 2000, effectuer dans ce cas un nettoyage manuel, comme indiqué ci-dessous.

Utilisateurs XP, assurez vous également de faire ceci => suppression de tous les fichiers contenus dans les dossiers=>

-C:\TEMP

-C:\WINDOWS\TEMP

-C:\Documents And Settings\Session utilisateur\Local Settings\Temp

-C:\Documents And Settings\Session utilisateur\Local Settings\Temporary internet files

-Vider la corbeille

 

* Recherche et élimination des parasites avec Antivir=>

lancer un scan complet du, ou des disques dur, et supprimer tous les fichiers infectés (s'ils existent)

Sauvegarder le rapport!

* Désinstallation d'Antivir(pour ceux qui ne souhaitent pas conserver le logiciel)=> terminer les processus suivants dans le gestionnaire des tâches (faire Ctrl+Alt+Suppr pour ouvrir la fenêtre puis cliquer sur l'onglet Processus) : AVGUARD.EXE - AVSCHED.EXE - AVWUPSRV.EXE et AVGNT.EXE puis, désinstaller Antivir dans ajout/suppression de programmes (vous pourrez le réinstaller ensuite si vous souhaitez le conserver en lieu et place de votre antivirus résident qu'il conviendra dans ce cas de désinstaller proprement, surtout s'il s'agit de Norton).

 

* Redémarrer le PC en mode normal

 

* Installation et utilisation d'HijackThis=>

* Créer un nouveau dossier à la racine de C:\Program Files\HijackThis (double clic sur poste de travail/double clic sur l'icone de C/double clic sur le répertoire Program Files/clic droit dans la fenêtre, choisir nouveau dossier et le nommer HijackThis); dézipper le programme précédemment téléchargé lors de la phase 1 dans ce nouveau dossier HijackThis.

Renommer Hijackthis.exe en [votre pseudo sur zebulon].exe (ne pas insérer d'espace, ponctuation ou de caractères accentués dans le nom); créer un raccourci sur le bureau.

Important: surtout, ne pas créer ce dossier HijackThis dans un répertoire temporaire

* Arrêter tous les programmes en cours et fermer toutes les fenêtres

* Lancer HijackThis à l'aide du raccourci et cliquer sur le bouton "Do a system scan and save a logfile"

* Le rapport HijackThis (fichier log) va être enregistré dans C:\Program Files\HijackThis (penser à ajouter un chiffre à la suite du nom du rapport si vous voulez conserver un historique de vos rapports ex : HijackThis 1, HijackThis 2...)

 

NB : en cas de problème, appliquer le Tutorial de BipBip avec copies d'écran.

http://sitethemacs.free.fr/aide_enregistre...e_hijackthi.htm

 

Phase 4

 

- Ouvrir le rapport HijackThis précédemment sauvegardé et faire : Ctrl-A, Ctrl-C puis, le coller (Ctrl-V) dans un nouveau post (mais dans ce sujet ) que vous créez sur le forum Analyse rapports HijackThis, Eradication malwares de manière à ce que nous vous disions ce qu'il faut faire. Puis faire de même avec le rapport antivir.

- Attendre l'analyse et la réponse.

Auteur : Megataupe / nouveau canned par Charles Ingals

 

Je te demanderais d'ajouter aux deux rapports déjà demandés celui-ci :

A bientôt.

 

 

 

 

salut voila les deux rapports antivir et hijackthis.

 

 

AntiVir PersonalEdition Classic

Report file date: vendredi 25 août 2006 15:46

 

Scanning for 486778 virus strains and unwanted programs.

 

Licensed to: AntiVir PersonalEdition Classic

Serial number: 0000149996-WURGE-0001

Platform: Windows XP

Windows version: (Service Pack 2) [5.1.2600]

Username: Thio

Computer name: R4I1HL7J4ZVQYRD

 

Version informations:

AVSCAN.EXE : 7.0.0.42 557096 25/08/2006 13:07:24

AVSCAN.DLL : 7.0.0.42 53288 25/08/2006 13:07:24

LUKE.DLL : 7.0.0.42 118824 25/08/2006 13:07:25

LUKERES.DLL : 7.0.0.42 25640 25/08/2006 13:07:25

ANTIVIR0.VDF : 6.35.0.1 7371264 25/08/2006 13:07:23

ANTIVIR1.VDF : 6.35.1.122 1270784 25/08/2006 13:07:23

ANTIVIR2.VDF : 6.35.1.123 2048 25/08/2006 13:07:23

ANTIVIR3.VDF : 6.35.1.144 45056 25/08/2006 13:07:23

AVEWIN32.DLL : 7.1.1.2 1782272 25/08/2006 13:07:23

AVPREF.DLL : 7.0.0.1 49192 25/08/2006 13:07:23

AVREP.DLL : 6.35.1.124 774184 25/08/2006 13:07:23

AVRPBASE.DLL : 7.0.0.0 2162728 25/08/2006 13:07:24

AVPACK32.DLL : 7.1.0.1 335912 25/08/2006 13:07:23

AVREG.DLL : 6.31.0.90 27688 25/08/2006 13:07:23

NETNT.DLL : 6.32.0.0 6696 25/08/2006 13:07:25

NETNW.DLL : 6.32.0.0 9768 25/08/2006 13:07:25

RCIMAGE.DLL : 7.0.0.71 1642536 25/08/2006 13:07:30

RCTEXT.DLL : 7.0.0.75 77864 25/08/2006 13:07:30

 

Configuration settings for the scan:

Jobname: '%s'.................: Local Drives

Configuration file............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp

Boot sectors..................: C,D,A,F,G,H,I,E

Scan memory...................: 1

Process scan..................: 1

Scan all files................: 1

Scan archives.................: 1

Recursion depth...............: 20

Smart extensions..............: 1

Skipped archive types.........: 1000,1001,1002,1003,1004,

Macro heuristic...............: 1

File heuristic................: 2

Primary action................: 1

Secondary action..............: 0

 

Start of the scan: vendredi 25 août 2006 15:46

 

 

The scan over running processes will be started

14 Processes was scanned

 

Start scanning boot sectors:

 

Boot sector 'C:\'

[NOTE] No virus was found!

Boot sector 'D:\'

[NOTE] No virus was found!

Boot sector 'A:\'

[NOTE] In the drive 'A:\' no data medium is inserted!

Boot sector 'F:\'

[NOTE] In the drive 'F:\' no data medium is inserted!

Boot sector 'G:\'

[NOTE] In the drive 'G:\' no data medium is inserted!

Boot sector 'H:\'

[NOTE] In the drive 'H:\' no data medium is inserted!

Boot sector 'I:\'

[NOTE] In the drive 'I:\' no data medium is inserted!

 

Starting to scan the registry.

The registry was scanned ( 22 files ).

 

 

Starting the file scan:

 

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\Thio\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\Thio\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\Thio\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\Thio\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system.LOG

[WARNING] The file could not be opened!

The path A:\ could not be found!

Le périphérique n'est pas prêt.

 

The path F:\ could not be found!

Le périphérique n'est pas prêt.

 

The path G:\ could not be found!

Le périphérique n'est pas prêt.

 

The path H:\ could not be found!

Le périphérique n'est pas prêt.

 

The path I:\ could not be found!

Le périphérique n'est pas prêt.

 

The path E:\ could not be found!

Le périphérique n'est pas prêt.

 

 

 

End of the scan: vendredi 25 août 2006 16:03

Used time: 17:14 min

 

The scan has been done completely.

 

2394 Scanning directories

99080 Files were scanned

0 viruses and/or unwanted programs was found

0 files were deleted

0 files were repaired

0 files were moved to quarantine

0 files were renamed

1238 Archives were scanned

19 Warnings

0 Notes

 

 

Logfile of HijackThis v1.99.1

Scan saved at 16:19:54, on 25/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g\WlanUtl.exe

C:\Program Files\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O18 - Protocol: bw+0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

tio Junior Member

tio

Posté(e)
  • Auteur
Posté(e)

bonsoir, je suis abonné au neuf de telecom et j'ai un forfait au debit hors j'ai l'impression que c'est pas le cas, je vous de une analyse de mon pc pour voir s'il n'est pas infecté;je vous en remercie d'avance

Logfile of HijackThis v1.99.1

Scan saved at 22:14:12, on 19/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe

C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g\WlanUtl.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\DOCUME~1\Thio\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7FE56E8F-C644-469D-884F-B99221B52DAD}: NameServer = 86.64.145.146 84.103.237.146

O18 - Protocol: bw+0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

 

bonsoir je vous envoi antivir et mon deuxiemme analyse

merci a

 

AntiVir PersonalEdition Classic

Report file date: vendredi 25 août 2006 15:46

 

Scanning for 486778 virus strains and unwanted programs.

 

Licensed to: AntiVir PersonalEdition Classic

Serial number: 0000149996-WURGE-0001

Platform: Windows XP

Windows version: (Service Pack 2) [5.1.2600]

Username: Thio

Computer name: R4I1HL7J4ZVQYRD

 

Version informations:

AVSCAN.EXE : 7.0.0.42 557096 25/08/2006 13:07:24

AVSCAN.DLL : 7.0.0.42 53288 25/08/2006 13:07:24

LUKE.DLL : 7.0.0.42 118824 25/08/2006 13:07:25

LUKERES.DLL : 7.0.0.42 25640 25/08/2006 13:07:25

ANTIVIR0.VDF : 6.35.0.1 7371264 25/08/2006 13:07:23

ANTIVIR1.VDF : 6.35.1.122 1270784 25/08/2006 13:07:23

ANTIVIR2.VDF : 6.35.1.123 2048 25/08/2006 13:07:23

ANTIVIR3.VDF : 6.35.1.144 45056 25/08/2006 13:07:23

AVEWIN32.DLL : 7.1.1.2 1782272 25/08/2006 13:07:23

AVPREF.DLL : 7.0.0.1 49192 25/08/2006 13:07:23

AVREP.DLL : 6.35.1.124 774184 25/08/2006 13:07:23

AVRPBASE.DLL : 7.0.0.0 2162728 25/08/2006 13:07:24

AVPACK32.DLL : 7.1.0.1 335912 25/08/2006 13:07:23

AVREG.DLL : 6.31.0.90 27688 25/08/2006 13:07:23

NETNT.DLL : 6.32.0.0 6696 25/08/2006 13:07:25

NETNW.DLL : 6.32.0.0 9768 25/08/2006 13:07:25

RCIMAGE.DLL : 7.0.0.71 1642536 25/08/2006 13:07:30

RCTEXT.DLL : 7.0.0.75 77864 25/08/2006 13:07:30

 

Configuration settings for the scan:

Jobname: '%s'.................: Local Drives

Configuration file............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp

Boot sectors..................: C,D,A,F,G,H,I,E

Scan memory...................: 1

Process scan..................: 1

Scan all files................: 1

Scan archives.................: 1

Recursion depth...............: 20

Smart extensions..............: 1

Skipped archive types.........: 1000,1001,1002,1003,1004,

Macro heuristic...............: 1

File heuristic................: 2

Primary action................: 1

Secondary action..............: 0

 

Start of the scan: vendredi 25 août 2006 15:46

 

 

The scan over running processes will be started

14 Processes was scanned

 

Start scanning boot sectors:

 

Boot sector 'C:\'

[NOTE] No virus was found!

Boot sector 'D:\'

[NOTE] No virus was found!

Boot sector 'A:\'

[NOTE] In the drive 'A:\' no data medium is inserted!

Boot sector 'F:\'

[NOTE] In the drive 'F:\' no data medium is inserted!

Boot sector 'G:\'

[NOTE] In the drive 'G:\' no data medium is inserted!

Boot sector 'H:\'

[NOTE] In the drive 'H:\' no data medium is inserted!

Boot sector 'I:\'

[NOTE] In the drive 'I:\' no data medium is inserted!

 

Starting to scan the registry.

The registry was scanned ( 22 files ).

 

 

Starting the file scan:

 

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\Thio\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\Thio\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\Thio\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\Thio\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system.LOG

[WARNING] The file could not be opened!

The path A:\ could not be found!

Le périphérique n'est pas prêt.

 

The path F:\ could not be found!

Le périphérique n'est pas prêt.

 

The path G:\ could not be found!

Le périphérique n'est pas prêt.

 

The path H:\ could not be found!

Le périphérique n'est pas prêt.

 

The path I:\ could not be found!

Le périphérique n'est pas prêt.

 

The path E:\ could not be found!

Le périphérique n'est pas prêt.

 

 

 

End of the scan: vendredi 25 août 2006 16:03

Used time: 17:14 min

 

The scan has been done completely.

 

2394 Scanning directories

99080 Files were scanned

0 viruses and/or unwanted programs was found

0 files were deleted

0 files were repaired

0 files were moved to quarantine

0 files were renamed

1238 Archives were scanned

19 Warnings

0 Notes

 

bientot

Logfile of HijackThis v1.99.1

Scan saved at 16:19:54, on 25/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g\WlanUtl.exe

C:\Program Files\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\mkls.dll

O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O18 - Protocol: bw+0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

merci a bientot

regis56 Godlike Member

regis56

Posté(e)
Posté(e)

Bonjour tio !

 

Voici ce que tu vas faire maintenant :

 

Lit ce tutorial pour t'imprégner de l'utilisation de l'outil

=> http://pchelpbordeaux.free.fr/frames/securite/lspfix.html

 

Ensuite

-Télécharge LSPfix :

http://pchelpbordeaux.free.fr/frames/logic...LSPFix%20VF.exe

-Lance LSPfix et agrandis la fenêtre qui est trop petite et masque un bouton.

-Déconnecte Internet et ferme toutes les fenêtres d' Internet Explorer.

-Coche la case "I know what I'm doing" ("Je sais ce que je fais").

-Sélectionne tous les mkls.dll et rien d'autre et fais glisser du panneau de gauche, "keep" au panneau de droite, "Remove".

-Sans rien faire d'autre, Clique sur "Finish".

 

Redémarre ton pc.

Colle un nouveau rapport hijackThis.

 

A plus.

  • 2 semaines après...
tio Junior Member

tio

Posté(e)
  • Auteur
Posté(e)

Bonjour tio !

 

Voici ce que tu vas faire maintenant :

 

Lit ce tutorial pour t'imprégner de l'utilisation de l'outil

=> http://pchelpbordeaux.free.fr/frames/securite/lspfix.html

 

Ensuite

-Télécharge LSPfix :

http://pchelpbordeaux.free.fr/frames/logic...LSPFix%20VF.exe

-Lance LSPfix et agrandis la fenêtre qui est trop petite et masque un bouton.

-Déconnecte Internet et ferme toutes les fenêtres d' Internet Explorer.

-Coche la case "I know what I'm doing" ("Je sais ce que je fais").

-Sélectionne tous les mkls.dll et rien d'autre et fais glisser du panneau de gauche, "keep" au panneau de droite, "Remove".

-Sans rien faire d'autre, Clique sur "Finish".

 

Redémarre ton pc.

Colle un nouveau rapport hijackThis.

 

A plus.

 

bsr je renvois la suite de ce que j'ai fait merci a tre bientot

Logfile of HijackThis v1.99.1

Scan saved at 22:15:25, on 05/09/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g\WlanUtl.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\DOCUME~1\Thio\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7FE56E8F-C644-469D-884F-B99221B52DAD}: NameServer = 86.64.145.145 84.103.237.145

O18 - Protocol: bw+0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {B86FF603-641B-46FE-8A47-82CC51FF44F3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

amicalement tio

 

regis56 Godlike Member

regis56

Posté(e)
Posté(e)

Bonsoir tio !

 

Désolé de répondre aussi tard mais je n'avais pas vu ta réponse car tu l'as mise dans une citation.

En tout cas merci Gof de me l'avoir fait remarquer.

 

On va continuer comme ceci

 

Télécharge Ewido anti-spyware

  1. Lance Ewido anti-spyware et clique sur le bouton Update (barre d'outils - au haut). Sous Manual Update clique Start update.
     
  2. Tu verras ceci juste au bas, lorsque la mise à jour sera complétée : "Update successful"
     
  3. Ferme Ewido anti-spyware. Ne pas le lancer tout de suite.

Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

  • Du mode Sans Échec, lance Ewido anti-spyware et clique sur le bouton Scanner (de la barre d'outils) et ensuite clique sur Complete System Scan. Le scan prendra un certain temps, donc sois patient.
     
  • Ewido affichera une liste des fichiers détectés, sur la gauche. En fin de scan, l'outil appliquera les "Actions" à appliquer automatiquement. Clique sur le bouton Apply all actions. Ewido affichera "All actions have been applied" du côté droit.
     
  • Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte. Assure-toi de le sauvegarder dans un endroit sûr (sur ton Bureau, par exemple).
     
  • Redémarre ton ordi en mode Normal.

.

 

Je te fais passer un autre outil :

 

Télécharge Blacklight (de F-Secure) et sauvegarde le sur ton Bureau.

 

Double-clique blbeta.exe et accepte la licence; laisse [X]scan through Windows Explorer activé; clique Scan puis Next

 

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

 

Copie et colle le contenu de ce rapport dans ta prochaine réponse. NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Prière de poster les rapports suivant dans ta prochaine réponse :

 

1) Ewido

2) BlackLight

 

 

Bon courage, et @+

tio Junior Member

tio

Posté(e)
  • Auteur
Posté(e)

cher camarade

desolé je n'yarrive pas a telechargé ewido anti-spyware, j'arrive pas a trouvé le bouton update, etc

merci de ma compréhension je suis pas un pro.

merci amicalement tio

regis56 Godlike Member

regis56

Posté(e)
Posté(e)

Bonsoir TIo !

 

On va faire par étape :

 

Télécharge Ewido ici

http://www.grisoft.cz/softw/70/filedir/ins..._4.0.0.172c.exe

  1. Lance Ewido et clique sur le bouton Update (barre d'outils - au haut). Sous Manual Update clique Start update.
     
  2. Tu verras ceci juste au bas, lorsque la mise à jour sera complétée : "Update successful"
     
  3. Ferme Ewido. Ne pas le lancer tout de suite.

Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

  • Du mode Sans Échec, lance Ewido et clique sur le bouton Scanner (de la barre d'outils) et ensuite clique sur Complete System Scan. Le scan prendra un certain temps, donc sois patient.
     
  • Ewido affichera une liste des fichiers détectés, sur la gauche. En fin de scan, l'outil appliquera les "Actions" à appliquer automatiquement. Clique sur le bouton Apply all actions. Ewido affichera "All actions have been applied" du côté droit.
     
  • Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte. Assure-toi de le sauvegarder dans un endroit sûr (sur ton Bureau, par exemple).
     
  • Redémarre ton ordi en mode Normal.

Copie/colle ce rapport dans ta prochaine réponse, avec un nouveau rapport HijackThis! également.

 

A plus.

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...