pralilas78

Solved: Trojan-Spy.win32@mx: HijackThis report


Hello, I followed the 4 phases of the procedure described on the forum to provide the HijackThis report as well as the AntiVir antivirus report. Could you please tell me what steps to take now to get rid of this Trojan, which is ruining my life... thanks in advance.

 

So here is the HijackThis report:

 

Logfile of HijackThis v1.99.1

Scan saved at 19:07, on 06-10-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\isnotify.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe

C:\Program Files\3M\PSN2Lite\Psn2Lite.exe

C:\Utilitaires\Winzip\WZQKPICK.EXE

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Hijackthis\pralilas78.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll

O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINDOWS\system32\lmrvrljh.dll (file missing)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {812A5309-73E5-4C4F-A649-ECF33D97420B} - C:\WINDOWS\system32\pmnli.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: (no name) - {c3703265-4671-4858-92a4-cba6a7b3bb45} - C:\WINDOWS\system32\ixt0.dll (file missing)

O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} - C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL

O3 - Toolbar: (no name) - {052b12f7-86fa-4921-8482-26c42316b522} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [service] service.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [ACTX1] C:\WINDOWS\v1201.exe

O4 - HKLM\..\Run: [dgs57399] RUNDLL32.EXE w00f353f.dll,n 006573930000000a00f353f

O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_e37.exe

O4 - HKLM\..\Run: [newname] C:\\nwnmff_e37.exe

O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\RunServices: [service] service.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [superCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messengerbis\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet

O4 - HKCU\..\Run: [LDM] \Program\

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Easl] "C:\PROGRA~1\WNSXS~1\spoolsv.exe" -vt yazb

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - Startup: Palm Registration.lnk = C:\Program Files\Palm\register.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe

O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSN2Lite\Psn2Lite.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Utilitaires\Winzip\WZQKPICK.EXE

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\program files\bulletproofsoft.com\bps spyware & adware remover\apptoport.dll

O16 - DPF: {00000000-0000-0000-0000-100005000004} - http://code.trasferimento.biz/l/bf996ccbb6...314cdb17_35.exe

O16 - DPF: {00330010-0000-0000-0000-000020160010} - http://207.234.185.217/ABoxInst_int25.exe

O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab

O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://MAILZ3.D....com/iNotes.cab

O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader.cab

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} - http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://promo.dollarrevenue.com/activex/pro...631382D2D2D.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1116364622031

O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab

O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/files/...eInstall_fr.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.photoreflex.com/tools/xupload/XUpload.ocx

O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{504C740E-77CC-45F8-9B83-510DB2F93DB6}: NameServer = 84.103.237.141 86.64.145.141

O18 - Protocol: bw+0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - AppInit_DLLs: dxclib303562752.dll

O20 - Winlogon Notify: pmnli - C:\WINDOWS\system32\pmnli.dll

O20 - Winlogon Notify: URL - C:\WINDOWS\system32\iasmsnap.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: winemx32 - winemx32.dll (file missing)

O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - (no file)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\U25vdw\command.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Smart Card Client (SCardClnt) - Unknown owner - C:\WINDOWS\System32\SCardClnt.exe (file missing)

O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

 

 

And here is the AntiVir report:

 

 

AntiVir PersonalEdition Classic

Report file date: 06-10-28 10:58

 

Scanning for 495093 virus strains and unwanted programs.

 

Licensed to: Avira AntiVir PersonalEdition Classic

Serial number: 0000149996-WURGE-0001

Platform: Windows XP

Windows version: (Service Pack 2) [5.1.2600]

Username: Math

Computer name: SKI-C0EUUZKGJXR

 

Version information:

AVSCAN.EXE : 7.0.0.47 196648 21/08/2006 10:06:49

AVSCAN.DLL : 7.0.0.45 41000 07/09/2006 10:51:50

LUKE.DLL : 7.0.0.47 110632 07/09/2006 10:32:29

LUKERES.DLL : 7.0.0.47 9256 07/09/2006 10:51:50

ANTIVIR0.VDF : 6.35.0.1 7371264 31/05/2006 10:35:11

ANTIVIR1.VDF : 6.36.0.9 1424384 06/09/2006 07:12:24

ANTIVIR2.VDF : 6.36.0.10 2048 06/09/2006 07:12:26

ANTIVIR3.VDF : 6.36.0.11 2048 06/09/2006 07:12:28

AVEWIN32.DLL : 7.2.0.14 1827328 04/09/2006 14:23:26

AVPREF.DLL : 7.0.0.2 17960 24/07/2006 12:35:36

AVREP.DLL : 6.36.0.3 544808 06/09/2006 08:04:18

AVRPBASE.DLL : 7.0.0.0 1544232 30/03/2006 08:42:44

AVPACK32.DLL : 7.2.0.0 360488 21/07/2006 06:00:28

AVREG.DLL : 6.31.0.90 25128 28/07/2005 10:06:11

NETNT.DLL : 6.32.0.0 6696 27/09/2005 07:56:45

NETNW.DLL : 7.0.0.0 9768 24/07/2006 12:35:38

RCIMAGE.DLL : 7.0.0.74 1642536 01/08/2006 11:22:50

RCTEXT.DLL : 7.0.0.107 77864 07/09/2006 10:51:49

 

Configuration settings for the scan:

Jobname.......................: Manual Selection

Configuration file............: C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp

Boot sectors..................: A,C,D,R

Scan memory...................: 1

Process scan..................: 1

Scan all files................: 1

Scan archives.................: 1

Recursion depth...............: 20

Smart extensions..............: 1

Skipped archive types.........: 1000,1001,1002,1003,1004,1005,

Macro heuristic...............: 1

File heuristic................: 2

Primary action................: 1

Secondary action..............: 0

 

Start of the scan: 06-10-28 10:58

 

 

The scan of running processes will be started

8 Processes were scanned

 

Start scanning boot sectors:

 

Boot sector 'A:\'

[NOTE] In the drive 'A:\' no data medium is inserted!

Boot sector 'C:\'

[NOTE] No virus was found!

 

Starting to scan the registry.

C:\Program Files\W?nSxS\spoolsv.exe

[WARNING] The file could not be opened!

The registry was scanned ( 65 files ).

 

 

Starting the file scan:

 

The path A:\ could not be found!

Le périphérique n'est pas prêt.

 

C:\drsmartload.exe

[DETECTION] Contains suspicious code HEUR/Malware

[iNFO] The file was deleted!

C:\drsmartload1.exe

[DETECTION] Contains suspicious code HEUR/Malware

[iNFO] The file was deleted!

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp

[WARNING] The file could not be opened!

C:\Documents and Settings\Math\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\Math\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\Math\Application Data\Thunderbird\Profiles\gttnpkyd.default\Mail\Local Folders\Trash

[0] Archive type: Netscape/Mozilla Mailbox

--> Mailbox_[From: MAILER-DAEMON@jalag.de (Mail Delivery System)][subject: Undelivered Mail Returned to Sender]1364.mim

[DETECTION] Contains signature of the Phish-Fiule/Email PHISH/Paypalfraud.T

[1] Archive type: MIME

--> file2.mim

[DETECTION] Contains signature of the Phish-Fiule/Email PHISH/Paypalfraud.T

[2] Archive type: MIME

--> file0.html

[DETECTION] Contains signature of the Phish-Fiule/Email PHISH/Paypalfraud.T

--> Mailbox_[From: MAILER-DAEMON@jalag.de (Mail Delivery System)][subject: [*****SPAM*****] Undelivered Mail Returned to S]2590.mim

[DETECTION] Contains signature of the Phish-Fiule/Email PHISH/Paypalfraud.T

[1] Archive type: MIME

--> file2.mim

[DETECTION] Contains signature of the Phish-Fiule/Email PHISH/Paypalfraud.T

[2] Archive type: MIME

--> file0.html

[DETECTION] Contains signature of the Phish-Fiule/Email PHISH/Paypalfraud.T

[WARNING] The file was ignored!

C:\Documents and Settings\Math\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\Math\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\Math\Mes documents\Boulot\05_01_01 PSA EQR Agrement\EQR\Carto pédale décollage\DV4\Mission Mont Ventoux 22_04_05\carto pedale C3 Siemens et Bosch issu de La Grave\Carto Pedale DV4TD Bosch Euro 3 issu de Siemens La graveMC.xls:KAVICHS

[WARNING] The file could not be opened!

C:\Documents and Settings\Math\Mes documents\Boulot\05_01_01 PSA EQR Agrement\EQR\Carto pédale décollage\DV4\Mission Mont Ventoux 22_04_05\carto pedale C3 Siemens et Bosch issu de La Grave\Macro Carto Pedale DV4TD Siemens Euro 4essai MathFinal La grave.xls:KAVICHS

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService.AUTORITE NT.000\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService.AUTORITE NT.000\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService.AUTORITE NT.000\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService.AUTORITE NT.000\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Jeux\Revolt\INSTALL.EXE

[DETECTION] Contains signature of the dropper DR/Delphi.Gen

[iNFO] The file was deleted!

C:\Program Files\InterVideo\DVD5\Intervideo WinDVD Platinum 5 Crack.exe

[DETECTION] Contains suspicious code HEUR/Crypted

[iNFO] The file was deleted!

C:\Program Files\ipwins\Services.dll

[DETECTION] Contains suspicious code HEUR/Malware

[iNFO] The file was moved to 'aeb9a790.qua'!

C:\Program Files\WildArcade\BlasterBlocks\uninst.exe

[DETECTION] Is the Trojan horse TR/Dldr.KaTum.3

[iNFO] The file was deleted!

C:\RECYCLER\NPROTECT\00000160.VXD

[0] Archive type: ZIP

--> C:/WINDOWS/System32/msexreg.exe

[DETECTION] Contains signature of the dial-up program DIAL/302102

[iNFO] The file was deleted!

C:\RECYCLER\NPROTECT\00000166.VXD

[0] Archive type: ZIP

--> C:/WINDOWS/System32/msexreg.exe

[DETECTION] Contains signature of the dial-up program DIAL/302102

[iNFO] The file was deleted!

C:\RECYCLER\NPROTECT\00000322.VXD

[0] Archive type: ZIP

--> C:/WINDOWS/System32/msexreg.exe

[DETECTION] Contains signature of the dial-up program DIAL/302102

[iNFO] The file was deleted!

C:\WINDOWS\system32\lmrvrljh.dll

[DETECTION] Contains suspicious code HEUR/Crypted

[iNFO] The file was moved to 'b7b9fc16.qua'!

C:\WINDOWS\system32\pmnli.dll

[DETECTION] Is the Trojan horse TR/Vundo.Gen

[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003

[WARNING] The file could not be deleted!

C:\WINDOWS\system32\config\default

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system.LOG

[WARNING] The file could not be opened!

The path D:\ could not be found!

Le périphérique n'est pas prêt.

 

The path R:\ could not be found!

Le périphérique n'est pas prêt.

 

 

 

End of the scan: 06-10-28 18:55

Used time: 7:57:00 min

 

The scan has been done completely.

 

7547 Scanning directories

362409 Files were scanned

17 viruses and/or unwanted programs were found

8 files were deleted

0 files were repaired

2 files were moved to quarantine

0 files were renamed

7814 Archives were scanned

25 Warnings

11 Notes

 

 

I'm eagerly awaiting your guidance.. thanks

Edited by pralilas78


Hello pralilas78 and welcome to zebulon :P

 

 

Download VundoFix.exe (by Atribune) to your Desktop.

  • Double-click VundoFix.exe to launch it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are being deleted
  • You will see a prompt announcing that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis! report, into your next reply

Note: VundoFix may run into a file that it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "click the Scan for Vundo button".


Good evening Bruce Lee... before I paste my 2 reports, I want to thank you for your help... luckily there are people on this Earth who excel at computing... unlike me! :P

I did what you told me to... here are the 2 reports:

Vundofix.txt report:

 

VundoFix V6.2.6

 

Checking Java version...

 

Sun Java not detected

Scan started at 19:29:34 06-10-28

 

Listing files found while scanning....

 

C:\WINDOWS\system32\pmnli.dll

C:\WINDOWS\system32\ilnmp.ini

C:\WINDOWS\system32\ilnmp.bak1

C:\WINDOWS\system32\ilnmp.bak2

C:\WINDOWS\system32\ilnmp.ini2

 

Beginning removal...

 

Attempting to delete C:\WINDOWS\system32\pmnli.dll

C:\WINDOWS\system32\pmnli.dll Could not be deleted.

 

Attempting to delete C:\WINDOWS\system32\ilnmp.ini

C:\WINDOWS\system32\ilnmp.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ilnmp.bak1

C:\WINDOWS\system32\ilnmp.bak1 Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ilnmp.bak2

C:\WINDOWS\system32\ilnmp.bak2 Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ilnmp.ini2

C:\WINDOWS\system32\ilnmp.ini2 Has been deleted!

 

Performing Repairs to the registry.

Done!

 

VundoFix V6.2.6

 

Checking Java version...

 

Sun Java not detected

Scan started at 19:42:12 06-10-28

 

Listing files found while scanning....

 

C:\WINDOWS\system32\pmnli.dll

C:\WINDOWS\system32\ilnmp.ini

C:\WINDOWS\system32\ilnmp.bak1

 

Beginning removal...

 

Attempting to delete C:\WINDOWS\system32\pmnli.dll

C:\WINDOWS\system32\pmnli.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ilnmp.ini

C:\WINDOWS\system32\ilnmp.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ilnmp.bak1

C:\WINDOWS\system32\ilnmp.bak1 Has been deleted!

 

Performing Repairs to the registry.

Done!

 

 

 

 

And here is the HijackThis report:

 

 

Logfile of HijackThis v1.99.1

Scan saved at 19:59, on 06-10-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\isnotify.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\udcsdr.exe

C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\udcpas.exe

C:\Program Files\DriveCleaner 2006 Free\UDC6cw.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe

C:\Program Files\3M\PSN2Lite\Psn2Lite.exe

C:\Utilitaires\Winzip\WZQKPICK.EXE

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Hijackthis\pralilas78.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll

O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINDOWS\system32\lmrvrljh.dll (file missing)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {55DC3CD3-04C3-4468-8ACC-4DF09D461E66} - C:\WINDOWS\system32\pmnli.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: (no name) - {c3703265-4671-4858-92a4-cba6a7b3bb45} - C:\WINDOWS\system32\ixt0.dll (file missing)

O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} - C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL

O3 - Toolbar: (no name) - {052b12f7-86fa-4921-8482-26c42316b522} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [service] service.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [ACTX1] C:\WINDOWS\v1201.exe

O4 - HKLM\..\Run: [dgs57399] RUNDLL32.EXE w00f353f.dll,n 006573930000000a00f353f

O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_e37.exe

O4 - HKLM\..\Run: [newname] C:\\nwnmff_e37.exe

O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe" /min

O4 - HKLM\..\Run: [sDR6_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\udcsdr.exe"

O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\udcpas.exe"

O4 - HKLM\..\Run: [uDC6cw] "C:\Program Files\DriveCleaner 2006 Free\UDC6cw.exe" -c

O4 - HKLM\..\RunServices: [service] service.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [superCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messengerbis\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet

O4 - HKCU\..\Run: [LDM] \Program\

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Easl] "C:\PROGRA~1\WNSXS~1\spoolsv.exe" -vt yazb

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - Startup: Palm Registration.lnk = C:\Program Files\Palm\register.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe

O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSN2Lite\Psn2Lite.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Utilitaires\Winzip\WZQKPICK.EXE

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\program files\bulletproofsoft.com\bps spyware & adware remover\apptoport.dll

O16 - DPF: {00000000-0000-0000-0000-100005000004} - http://code.trasferimento.biz/l/bf996ccbb6...bfc4314cdb17_35.exe

O16 - DPF: {00330010-0000-0000-0000-000020160010} - http://207.234.185.217/ABoxInst_int25.exe

O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab

O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://MAILZ3.D...tpsa.com/iNotes.cab

O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader.cab

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} - http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://promo.dollarrevenue.com/activex/pro...631382D2D2D.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...ontrols/en/x86/client/wuweb_site.cab?1116364622031

O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab

O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/files/.../cab/WinAntiVirusPro2006FreeInstall_fr.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.photoreflex.com/tools/xupload/XUpload.ocx

O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{504C740E-77CC-45F8-9B83-510DB2F93DB6}: NameServer = 84.103.237.141 86.64.145.141

O18 - Protocol: bw+0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 -

 

{9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program

 

Files\Logitech\Desktop

 

Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -

 

"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 -

 

{188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program

 

Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - AppInit_DLLs: dxclib303562752.dll

O20 - Winlogon Notify: URL - C:\WINDOWS\system32\iasmsnap.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: winemx32 - winemx32.dll (file missing)

O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - (no file)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\U25vdw\command.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Smart Card Client (SCardClnt) - Unknown owner - C:\WINDOWS\System32\SCardClnt.exe (file missing)

O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

 

 

A small remark: I caught this virus through a mistake of my own (on the internet without antivirus for a few minutes on altavista...); since then I have installed Firefox in place of Internet Explorer... and every time it is Internet Explorer that reports the presence of the Trojan... is it possible that this virus is using a flaw in IE to make my life miserable?.. If so, will I have to remove IE from my PC at some point?... and if so, how is that done?...

Thanks for everything in any case, I'm waiting for what comes next :P

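The VundoFix note about files it cannot delete, and the two reports in the post above, can be cross-checked mechanically. The following is an added example, not part of the original thread or of either tool: it reads a VundoFix report pass by pass, rejoins wrapped HijackThis lines, and lists the registry entries that still point at files VundoFix deleted. The function names and the 67-column hard-wrap width are assumptions (the width is inferred from the posted log), and the sample text is a constructed excerpt of the reports above.

```python
import re

# Constructed excerpts of the two reports posted above (same paths and CLSIDs).
VUNDOFIX_REPORT = r"""
VundoFix V6.2.6
Scan started at 19:29:34 06-10-28
Attempting to delete C:\WINDOWS\system32\pmnli.dll
C:\WINDOWS\system32\pmnli.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\ilnmp.ini
C:\WINDOWS\system32\ilnmp.ini Has been deleted!
VundoFix V6.2.6
Scan started at 19:42:12 06-10-28
Attempting to delete C:\WINDOWS\system32\pmnli.dll
C:\WINDOWS\system32\pmnli.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ilnmp.ini
C:\WINDOWS\system32\ilnmp.ini Has been deleted!
"""

HIJACKTHIS_LOG = r"""
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} -
C:\WINDOWS\system32\lmrvrljh.dll (file missing)
O2 - BHO: (no name) - {55DC3CD3-04C3-4468-8ACC-4DF09D461E66} -
C:\WINDOWS\system32\pmnli.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifi
er.exe
"""

RESULT = re.compile(r"^(?P<path>.+?) (?P<verb>Has been deleted!|Could not be deleted\.)$")
ENTRY = re.compile(r"^(?:R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - ")
WRAP = 67  # assumption: column at which the pasted log was hard-wrapped


def vundofix_passes(report):
    """Return one {lower-cased path: deleted?} dict per VundoFix run in the report."""
    passes = []
    for raw in report.splitlines():
        line = raw.strip()
        if line.startswith("VundoFix V"):      # banner marks the start of a new run
            passes.append({})
            continue
        m = RESULT.match(line)
        if m and passes:
            passes[-1][m["path"].lower()] = m["verb"].startswith("Has")
    return passes


def needed_retry(passes):
    """Paths that failed in one pass and were only deleted in a later one."""
    failed, retried = set(), []
    for run in passes:
        for path, deleted in run.items():
            if deleted and path in failed:
                retried.append(path)
            elif not deleted:
                failed.add(path)
    return retried


def final_status(passes):
    """Outcome of the last pass that touched each path."""
    status = {}
    for run in passes:
        status.update(run)
    return status


def join_entries(log):
    """Rejoin wrapped HijackThis entries into one string each.

    Heuristic: a fragment that fills the wrap column was cut mid-token, so the
    next fragment is appended without a space; otherwise a space is restored.
    """
    entries, last_len = [], 0
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        if ENTRY.match(line):
            entries.append(line)
        elif entries:
            entries[-1] += ("" if last_len >= WRAP else " ") + line
        last_len = len(line)
    return entries


def orphaned(entries, status):
    """Entries flagged '(file missing)' whose target VundoFix reported as deleted."""
    hits = []
    for entry in entries:
        low = entry.lower()
        if low.endswith("(file missing)") and any(
            deleted and path in low for path, deleted in status.items()
        ):
            hits.append(entry)
    return hits


if __name__ == "__main__":
    runs = vundofix_passes(VUNDOFIX_REPORT)
    print("needed a second pass:", needed_retry(runs))
    for entry in orphaned(join_entries(HIJACKTHIS_LOG), final_status(runs)):
        print("leftover registry entry:", entry)
```

The lmrvrljh.dll entry is also marked "(file missing)" but is not reported here, because that file does not appear in the VundoFix report.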

re,

Don't remove IE, you need it for Windows updates.

I'm going to have you run two procedures at almost the same time; follow what has to be done very carefully:

Please print these instructions, or paste them into a text file so you can read them in Safe Mode.

Download Brute Force Uninstaller (by Merijn).

Create a new folder directly on C:\ and name it BFU. Unzip the downloaded file into this new folder (C:\BFU)

RIGHT-CLICK HERE and choose "Save Target As..." to download EGDACCESS.bfu (by Metallica). Save it in the folder you created (C:\BFU). **Note: if you use Internet Explorer, when saving, make sure the "Type:" field shows "All Files". You should now have two files in the C:\BFU folder: EGDACCESS.bfu and BFU.exe (very important).

Also download:

http://metallica.geekstogo.com/alcanshorty.bfu right-click the link and choose "Save Target As..." to download alcanshorty.bfu (by Metallica)

**Note: if you use Internet Explorer, when saving, make sure the "Type:" field shows "All Files". You should now have two files in the C:\BFU folder: alcanshorty.bfu and BFU.exe (very important).

Restart in Safe Mode: on restart, immediately tap the F8 key repeatedly; you will see a screen with startup options appear. Using the keyboard arrow keys, choose "Safe Mode" and confirm with "Enter". Choose your usual account, not Administrator.

Start the "Brute Force Uninstaller" by double-clicking BFU.exe (in the C:\BFU folder)

Under Scriptline to execute, copy/paste this line:

c:\bfu\EGDACCESS.bfu

Click Execute and let it do its work.

Wait for Complete script execution to appear and click OK.

Click Exit to close the BFU program.

Start the "Brute Force Uninstaller" by double-clicking BFU.exe (in the C:\BFU folder)

Under Scriptline to execute, copy/paste this line:

c:\bfu\alcanshorty.bfu

Click Execute and let it do its work.

Wait for Complete script execution to appear and click OK.

Click Exit to close the BFU program.

Restart the PC and post a new HijackThis log


Re Bruce Lee,

Done, I followed your instructions.. however, when executing BFU.exe (after typing the line), it almost immediately showed "scan complete" (not sure about the word scan)...

here is the HijackThis report:

 

Logfile of HijackThis v1.99.1

Scan saved at 21:18, on 06-10-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\isnotify.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\udcsdr.exe

C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\udcpas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program

 

Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifi

 

er.exe

C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 2

 

SE\CalCheck.exe

C:\Program Files\3M\PSN2Lite\Psn2Lite.exe

C:\Utilitaires\Winzip\WZQKPICK.EXE

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Hijackthis\pralilas78.exe

 

R1 - HKCU\Software\Microsoft\Internet

 

Explorer\Main,Default_Search_URL = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

 

http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet

 

Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) -

 

{A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program

 

Files\DeluxeCommunications\DxcBho.dll

O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} -

 

C:\WINDOWS\system32\lmrvrljh.dll (file missing)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

 

C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {55DC3CD3-04C3-4468-8ACC-4DF09D461E66} -

 

C:\WINDOWS\system32\pmnli.dll (file missing)

O2 - BHO: Google Toolbar Helper -

 

{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

 

files\google\googletoolbar2.dll

O2 - BHO: (no name) - {c3703265-4671-4858-92a4-cba6a7b3bb45} -

 

C:\WINDOWS\system32\ixt0.dll (file missing)

O2 - BHO: PrintViewBHO Class -

 

{D4E0C464-30CE-4075-9A10-71FD106C2847} -

 

C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL

O3 - Toolbar: (no name) - {052b12f7-86fa-4921-8482-26c42316b522} -

 

(no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -

 

c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE

 

C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE

 

C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead

 

Systems\Ulead Photo Express 2 SE\ChkFont.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

 

Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [service] service.exe

O4 - HKLM\..\Run: [NeroFilterCheck]

 

C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program

 

Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program

 

Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program

 

Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [ACTX1] C:\WINDOWS\v1201.exe

O4 - HKLM\..\Run: [dgs57399] RUNDLL32.EXE w00f353f.dll,n

 

006573930000000a00f353f

O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_e37.exe

O4 - HKLM\..\Run: [newname] C:\\nwnmff_e37.exe

O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program

 

Files\DeluxeCommunications\Dxc.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone

 

Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [sDR6_Check] "C:\Program Files\Fichiers

 

communs\DriveCleaner 2006 Free\udcsdr.exe"

O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Fichiers

 

communs\DriveCleaner 2006 Free\udcpas.exe"

O4 - HKLM\..\RunServices: [service] service.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"

 

/background

O4 - HKCU\..\Run: [superCopier.exe] C:\Program

 

Files\SuperCopier\SuperCopier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN

 

Messengerbis\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program

 

Files\Yahoo!\Messenger\ypager.exe" -quiet

O4 - HKCU\..\Run: [LDM] \Program\

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program

 

Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [swg] C:\Program

 

Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifi

 

er.exe

O4 - HKCU\..\Run: [Easl] "C:\PROGRA~1\WNSXS~1\spoolsv.exe" -vt yazb

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program

 

Files\DeluxeCommunications\Dxc.exe

O4 - Startup: Konfabulator.lnk = C:\Program

 

Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - Startup: Palm Registration.lnk = C:\Program

 

Files\Palm\register.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program

 

Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program

 

Files\Palm\Hotsync.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program

 

Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program

 

Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Photo Express Calendar Checker SE.lnk =

 

C:\Program Files\Ulead Systems\Ulead Photo Express 2

 

SE\CalCheck.exe

O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program

 

Files\3M\PSN2Lite\Psn2Lite.exe

O4 - Global Startup: WinZip Quick Pick.lnk =

 

C:\Utilitaires\Winzip\WZQKPICK.EXE

O8 - Extra context menu item: E&xporter vers Microsoft Excel -

 

res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche -

 

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -

 

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger -

 

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

 

Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger -

 

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

 

Files\Messenger\msmsgs.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\program

 

files\bulletproofsoft.com\bps spyware & adware

 

remover\apptoport.dll

O16 - DPF: {00000000-0000-0000-0000-100005000004} -

 

http://code.trasferimento.biz/l/bf996ccbb6...bfc4314cdb17_35

 

.exe

O16 - DPF: {00330010-0000-0000-0000-000020160010} -

 

http://207.234.185.217/ABoxInst_int25.exe

O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom

 

MDM ActiveX Control) -

 

http://minitelweb.minitel.com/imin_data/ocx/MDM.cab

O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) -

 

https://portail.inetpsa.com/http://MAILZ3.D...tpsa.com/iNotes

 

.cab

O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader

 

3.0 Control) -

 

http://www.mypixmania.com/fr/fr/importer/MypixUploader.cab

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} -

 

http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter

 

Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} -

 

http://promo.dollarrevenue.com/activex/pro...631382D2D2D.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl

 

Class) -

 

http://v5.windowsupdate.microsoft.com/v5co...ontrols/en/x86/

 

client/wuweb_site.cab?1116364622031

O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA}

 

(telechargement-photoweb) -

 

http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab

O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image

 

Uploader 3.5 Combo Control) -

 

http://www.pixdiscount.fr/clients/ImageUploader3.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image

 

Uploader 3.5 Control) -

 

http://www.girafoto.fr/uploaders/ImageUploader3.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}

 

(MsnMessengerSetupDownloadControl Class) -

 

http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} -

 

http://download.cdn.winsoftware.com/files/.../cab/WinAntiVir

 

usPro2006FreeInstall_fr.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl

 

Class) -

 

https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software

 

XUpload) - http://www.photoreflex.com/tools/xupload/XUpload.ocx

O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com

 

SpeedUploader 1.0 Control) -

 

http://express.foto.com/SFUploader/SpeedUploader.cab

O17 -

 

HKLM\System\CCS\Services\Tcpip\..\{504C740E-77CC-45F8-9B83-510DB2F9

 

3DB6}: NameServer = 86.64.145.140 84.103.237.140

O18 - Protocol: bw+0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 -

 

{9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program

 

Files\Logitech\Desktop

 

Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -

 

"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 -

 

{188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program

 

Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - AppInit_DLLs: dxclib303562752.dll

O20 - Winlogon Notify: URL - C:\WINDOWS\system32\iasmsnap.dll (file

 

missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: winemx32 - winemx32.dll (file missing)

O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871}

 

- (no file)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown

 

owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program

 

Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program

 

Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program

 

Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Command Service (cmdService) - Unknown owner -

 

C:\WINDOWS\U25vdw\command.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

 

Corporation - C:\Program Files\Fichiers

 

communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Network Monitor - Unknown owner - C:\Program

 

Files\Network Monitor\netmon.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA

 

Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Smart Card Client (SCardClnt) - Unknown owner -

 

C:\WINDOWS\System32\SCardClnt.exe (file missing)

O23 - Service: ScsiAccess - Unknown owner - C:\Program

 

Files\Photodex\ProShowGold\ScsiAccess.exe

O23 - Service: SmartLinkService (SLService) - Smart Link -

 

C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC

 

- C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

 

 

I'm waiting for your instructions.. :P


Hi again,

You didn't run alcanshorty.bfu correctly; please do it again, then post a new HijackThis report. Post the HijackThis report "normally" (like the first one), not "broken up" like the others (it's hard to find your way around it like that).

See you later


Hi again Bruce Lee,

Listen, I redid the procedure in safe mode, but once again "complete script.." appears almost automatically after clicking "execute".. I don't know if that's normal.

Also, sorry for the "broken up" format of my previous message, but I have no idea what you're talking about! :P... I'm hopeless with computers, so I just copy and paste the HijackThis report as usual... I don't know if it will suit you this time...

One more thing, as an aside: when I start my PC, once Windows has loaded, it shows me the message "Erreur de chargement de w00f353f.dll le module spécifié est introuvable". I don't know whether it's related to our problem.. just in case, I'm letting you know...

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 21:43, on 06-10-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\isnotify.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\udcsdr.exe

C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\udcpas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program

 

Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifi

 

er.exe

C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 2

 

SE\CalCheck.exe

C:\Program Files\3M\PSN2Lite\Psn2Lite.exe

C:\Utilitaires\Winzip\WZQKPICK.EXE

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Hijackthis\pralilas78.exe

 

R1 - HKCU\Software\Microsoft\Internet

 

Explorer\Main,Default_Search_URL = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

 

http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet

 

Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) -

 

{A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program

 

Files\DeluxeCommunications\DxcBho.dll

O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} -

 

C:\WINDOWS\system32\lmrvrljh.dll (file missing)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

 

C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {55DC3CD3-04C3-4468-8ACC-4DF09D461E66} -

 

C:\WINDOWS\system32\pmnli.dll (file missing)

O2 - BHO: Google Toolbar Helper -

 

{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

 

files\google\googletoolbar2.dll

O2 - BHO: (no name) - {c3703265-4671-4858-92a4-cba6a7b3bb45} -

 

C:\WINDOWS\system32\ixt0.dll (file missing)

O2 - BHO: PrintViewBHO Class -

 

{D4E0C464-30CE-4075-9A10-71FD106C2847} -

 

C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL

O3 - Toolbar: (no name) - {052b12f7-86fa-4921-8482-26c42316b522} -

 

(no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -

 

c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE

 

C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE

 

C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead

 

Systems\Ulead Photo Express 2 SE\ChkFont.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

 

Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [service] service.exe

O4 - HKLM\..\Run: [NeroFilterCheck]

 

C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program

 

Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program

 

Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program

 

Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [ACTX1] C:\WINDOWS\v1201.exe

O4 - HKLM\..\Run: [dgs57399] RUNDLL32.EXE w00f353f.dll,n

 

006573930000000a00f353f

O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_e37.exe

O4 - HKLM\..\Run: [newname] C:\\nwnmff_e37.exe

O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program

 

Files\DeluxeCommunications\Dxc.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone

 

Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [sDR6_Check] "C:\Program Files\Fichiers

 

communs\DriveCleaner 2006 Free\udcsdr.exe"

O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Fichiers

 

communs\DriveCleaner 2006 Free\udcpas.exe"

O4 - HKLM\..\RunServices: [service] service.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"

 

/background

O4 - HKCU\..\Run: [superCopier.exe] C:\Program

 

Files\SuperCopier\SuperCopier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN

 

Messengerbis\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program

 

Files\Yahoo!\Messenger\ypager.exe" -quiet

O4 - HKCU\..\Run: [LDM] \Program\

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program

 

Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [swg] C:\Program

 

Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifi

 

er.exe

O4 - HKCU\..\Run: [Easl] "C:\PROGRA~1\WNSXS~1\spoolsv.exe" -vt yazb

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program

 

Files\DeluxeCommunications\Dxc.exe

O4 - Startup: Konfabulator.lnk = C:\Program

 

Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - Startup: Palm Registration.lnk = C:\Program

 

Files\Palm\register.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program

 

Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program

 

Files\Palm\Hotsync.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program

 

Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program

 

Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Photo Express Calendar Checker SE.lnk =

 

C:\Program Files\Ulead Systems\Ulead Photo Express 2

 

SE\CalCheck.exe

O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program

 

Files\3M\PSN2Lite\Psn2Lite.exe

O4 - Global Startup: WinZip Quick Pick.lnk =

 

C:\Utilitaires\Winzip\WZQKPICK.EXE

O8 - Extra context menu item: E&xporter vers Microsoft Excel -

 

res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche -

 

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -

 

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger -

 

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

 

Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger -

 

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

 

Files\Messenger\msmsgs.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\program

 

files\bulletproofsoft.com\bps spyware & adware

 

remover\apptoport.dll

O16 - DPF: {00000000-0000-0000-0000-100005000004} -

 

http://code.trasferimento.biz/l/bf996ccbb6...bfc4314cdb17_35

 

.exe

O16 - DPF: {00330010-0000-0000-0000-000020160010} -

 

http://207.234.185.217/ABoxInst_int25.exe

O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom

 

MDM ActiveX Control) -

 

http://minitelweb.minitel.com/imin_data/ocx/MDM.cab

O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) -

 

https://portail.inetpsa.com/http://MAILZ3.D...tpsa.com/iNotes

 

.cab

O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader

 

3.0 Control) -

 

http://www.mypixmania.com/fr/fr/importer/MypixUploader.cab

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} -

 

http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter

 

Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} -

 

http://promo.dollarrevenue.com/activex/pro...631382D2D2D.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl

 

Class) -

 

http://v5.windowsupdate.microsoft.com/v5co...ontrols/en/x86/

 

client/wuweb_site.cab?1116364622031

O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA}

 

(telechargement-photoweb) -

 

http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab

O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image

 

Uploader 3.5 Combo Control) -

 

http://www.pixdiscount.fr/clients/ImageUploader3.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image

 

Uploader 3.5 Control) -

 

http://www.girafoto.fr/uploaders/ImageUploader3.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}

 

(MsnMessengerSetupDownloadControl Class) -

 

http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} -

 

http://download.cdn.winsoftware.com/files/.../cab/WinAntiVir

 

usPro2006FreeInstall_fr.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl

 

Class) -

 

https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software

 

XUpload) - http://www.photoreflex.com/tools/xupload/XUpload.ocx

O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com

 

SpeedUploader 1.0 Control) -

 

http://express.foto.com/SFUploader/SpeedUploader.cab

O17 -

 

HKLM\System\CCS\Services\Tcpip\..\{504C740E-77CC-45F8-9B83-510DB2F9

 

3DB6}: NameServer = 84.103.237.141 86.64.145.141

O18 - Protocol: bw+0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 -

 

{9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program

 

Files\Logitech\Desktop

 

Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {188FA8B0-75DE-4E81-98FF-59D88D64B0ED} -

 

C:\Program Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -

 

"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 -

 

{188FA8B0-75DE-4E81-98FF-59D88D64B0ED} - C:\Program

 

Files\Logitech\Desktop

 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - AppInit_DLLs: dxclib303562752.dll

O20 - Winlogon Notify: URL - C:\WINDOWS\system32\iasmsnap.dll (file

 

missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: winemx32 - winemx32.dll (file missing)

O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871}

 

- (no file)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown

 

owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program

 

Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program

 

Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program

 

Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Command Service (cmdService) - Unknown owner -

 

C:\WINDOWS\U25vdw\command.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

 

Corporation - C:\Program Files\Fichiers

 

communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Network Monitor - Unknown owner - C:\Program

 

Files\Network Monitor\netmon.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA

 

Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Smart Card Client (SCardClnt) - Unknown owner -

 

C:\WINDOWS\System32\SCardClnt.exe (file missing)

O23 - Service: ScsiAccess - Unknown owner - C:\Program

 

Files\Photodex\ProShowGold\ScsiAccess.exe

O23 - Service: SmartLinkService (SLService) - Smart Link -

 

C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC

 

- C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

 

 

I'm waiting for your instructions...


Hi again,

The script was not executed properly, but no matter, we'll do it afterwards. What I mean by "articulated" is that your first HijackThis report is clear, but the others cannot be followed. Example:

 

O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program

 

Files\3M\PSN2Lite\Psn2Lite.exe

O4 - Global Startup: WinZip Quick Pick.lnk =

 

C:\Utilitaires\Winzip\WZQKPICK.EXE

O8 - Extra context menu item: E&xporter vers Microsoft Excel -

 

res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche -

 

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -

 

whereas at the start you had (example):

 

O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe

O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSN2Lite\Psn2Lite.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Utilitaires\Winzip\WZQKPICK.EXE

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

 

As you can see, it is clearer like this.

 

1. Download combofix.exe (by sUBs) to your Desktop

2. Double-click combofix.exe and follow the prompts.

3. When the scan has completed, a report will appear. Copy/paste this report into your next reply.


OK, thanks for the clarification on "articulated" versus "normal" :P and excuse my ignorance :P

Well, listen, we ran combofix... it did a scan (blue window)... we could see quite a few infected files... and at one point it displayed "Windows Rebooting"... the PC shut down... it restarted, then the blue combofix window opened (before everything appeared on the Windows desktop), with "please wait" written inside the window... we waited more than 15 minutes... nothing was happening, so we closed the combofix window...

That's the news... heeeeellllpp! :P
