Need help


Cezboy


Hello everyone,

I'm posting because, after installing a piece of software, I've ended up with a few problems (IE windows opening unprompted, my antivirus "Avast" regularly warns me that my PC is under attack ...)

I tried a scan with AVG Spyware in Safe Mode with System Restore disabled. It does find infected files, but after rebooting into normal mode it's still chaos.

I ran various scans with Spybot, Adware, Avast, Ccleaner .... still the same problem.

If someone would be willing to help me, I'm posting the HijackThis report below.

Thanks in advance.

Logfile of HijackThis v1.99.1

Scan saved at 08:35:29, on 27/02/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

C:\WINDOWS\system32\ffudf.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Rainlendar\Rainlendar.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\mssys32.exe

D:\Telechargement\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Fichiers communs\CPUSH\cpush0.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Ziepod One-Click IE Helper - {57A30D1E-08B9-4EF4-B273-AAEA1C234A5B} - C:\WINDOWS\system32\ZiepodOneClicker.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [updatereal] C:\WINDOWS\AntiAdwa.exe other

O4 - HKCU\..\Run: [mssys32] C:\WINDOWS\system32\mssys32.exe

O4 - HKCU\..\Run: [mshtmll] regsvr32 /s C:\WINDOWS\system32\mshtmll.dll

O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: ²Æ¸»Í¨ - {C1F0024B-8278-4999-B7E6-2718426D9FE6} - C:\Program Files\²Æ¸»Í¨\caif.dll (HKCU)

O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E638575D-BAE0-4F04-8E99-B8A05836CA3C}: NameServer = 192.168.1.1

O18 - Protocol: bw+0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: sclgntfys - C:\WINDOWS\sclgntfys.dll

O23 - Service: 4C5A618A - Unknown owner - C:\WINDOWS\system32\4C5A618A.EXE (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe


Hello!

- Download VundoFix by Atribune - mirror if the link doesn't work: http://www.softpedia.com/get/Antivirus/VundoFix.shtml
- Double-click VundoFix.exe to launch it.
- Click the Scan for Vundo button.
- When the scan is complete, click the Remove Vundo button.
- A prompt will ask whether you want to delete the files; click YES.
- After you click "Yes", the Desktop will disappear for a moment while the files are removed.
- You will see a prompt announcing that your PC is going to shut down ("shutdown"); click OK.
- Start your PC again.
- Copy/paste the contents of the report located at C:\vundofix.txt

D:\Telechargement\HijackThis.exe <-- rename it to scanner.exe

double-click scanner.exe

post a new HijackThis report!


First of all, thank you for taking a little time to help me.

VundoFix found nothing.

 

*********************************************************

VundoFix V6.3.9

 

Checking Java version...

 

Sun Java not detected

Scan started at 13:08:19 27/02/2007

 

Listing files found while scanning....

 

No infected files were found.

 

 

Beginning removal...

*********************************************************

Logfile of HijackThis v1.99.1

Scan saved at 13:13:48, on 27/02/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

C:\Program Files\Rainlendar\Rainlendar.exe

C:\WINDOWS\system32\ffudf.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\mssys32.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Internet Explorer\iexplore.exe

D:\Telechargement\scanner.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,c:\WINDOWS\EDpbw.exe

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Fichiers communs\CPUSH\cpush0.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Ziepod One-Click IE Helper - {57A30D1E-08B9-4EF4-B273-AAEA1C234A5B} - C:\WINDOWS\system32\ZiepodOneClicker.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {A4BC11D3-1D10-17D1-13D4-943BB236A5D0} - C:\WINDOWS\system32\mshtmll.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [s0rf6rd] rundll32.exe C:\WINDOWS\f0vd12yigmug2.dll _start@16

O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [updatereal] C:\WINDOWS\AntiAdwa.exe other

O4 - HKCU\..\Run: [mssys32] C:\WINDOWS\system32\mssys32.exe

O4 - HKCU\..\Run: [mshtmll] regsvr32 /s C:\WINDOWS\system32\mshtmll.dll

O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: ²Æ¸»Í¨ - {C1F0024B-8278-4999-B7E6-2718426D9FE6} - C:\Program Files\²Æ¸»Í¨\caif.dll (HKCU)

O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E638575D-BAE0-4F04-8E99-B8A05836CA3C}: NameServer = 192.168.1.1

O18 - Protocol: bw+0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: sclgntfys - C:\WINDOWS\sclgntfys.dll

O23 - Service: 4C5A618A - Unknown owner - C:\WINDOWS\system32\4C5A618A.EXE (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe


Here is the procedure to carry out in full

Please:

- Read the requested instructions carefully and take your time to carry them out properly, otherwise the disinfection will not be complete.

- If some items are not found, please report it but continue the steps through to the end.

- At the end of the procedure, please copy/paste ALL the requested reports.

- Don't hesitate to consult the help links, they are there to guide you!

- Start / Run / type services.msc

- Look for 4C5A618A in the list

- Double-click it and set the startup type to Disabled

In HijackThis, run a new scan and check the following lines:

 

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,c:\WINDOWS\EDpbw.exe

O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Fichiers communs\CPUSH\cpush0.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [s0rf6rd] rundll32.exe C:\WINDOWS\f0vd12yigmug2.dll _start@16

O4 - HKCU\..\Run: [updatereal] C:\WINDOWS\AntiAdwa.exe other

O4 - HKCU\..\Run: [mssys32] C:\WINDOWS\system32\mssys32.exe

O9 - Extra button: ²Æ¸»Í¨ - {C1F0024B-8278-4999-B7E6-2718426D9FE6} - C:\Program Files\²Æ¸»Í¨\caif.dll (HKCU)

O20 - Winlogon Notify: sclgntfys - C:\WINDOWS\sclgntfys.dll

 

---> then click the "Fix Checked" button

Don't hesitate to consult the HijackThis help

- Download and install AVG Anti-Spyware - Tutorial: http://www.malekal.com/tutorial_AVG_AntiSpyware.html

- Update it from the Update menu at the top

- Download clean.zip and unzip it to your desktop (right-click / Extract All); you should get a folder named clean.

-- Restart in safe mode; if you don't know how, read this

Double-click this clean folder; you will find several files inside.

Double-click clean. This will open a black window.

A menu will appear; choose option 2 by pressing the 2 key on your keyboard.

Clean will do its work.

A report will be generated; paste its entire contents here.

Delete:

C:\WINDOWS\f0vd12yigmug2.dll

C:\Program Files\²Æ¸»Í¨\

 

 

- Open AVG Anti-Spyware and click the Scan tab, then the Settings sub-tab

- Under How to react?, select Quarantine. (see the AVG Anti-Spyware help)

- Go back to the Scan sub-tab, then click Complete system scan.

---> The scan starts.

When it finishes, click Apply all actions; the items should then be moved to quarantine.

Then click Save scan report and save the report to the Desktop.

Help: don't hesitate to consult the AVG Anti-Spyware help for any problem.

-- Restart in normal mode: Start menu / Shut Down / Restart the computer

Warning: if the computer keeps restarting in safe mode, reverse the change by unchecking the /SAFEBOOT option with msconfig: see this page again: click here

-- Run an online scan with Internet Explorer: Kaspersky scan, and paste the report here. If you are lost, you can follow this help for online scans

-- Copy/paste the reports here:

- AVG Anti-Spyware

- the clean report: My Computer / double-click drive C / double-click rapport_clean.txt and copy/paste the contents here C:\rapport_clean.txt

- and a new HijackThis log


Here are the reports

KASPERSKY ONLINE SCANNER REPORT

Tuesday, February 27, 2007 7:19:54 PM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.83.0

Kaspersky Anti-Virus database last update: 27/02/2007

Kaspersky Anti-Virus database records: 258959

Scan Settings

Scan using the following antivirus database standard

Scan Archives true

Scan Mail Bases true

Scan Target Critical Areas

C:\WINDOWS

C:\DOCUME~1\ORDIFA~1\LOCALS~1\Temp\

Scan Statistics

Total number of scanned objects 12625

Number of viruses found 1

Number of infected objects 3 / 0

Number of suspicious objects 0

Duration of the scan process 00:08:33

 

Infected Object Name Virus Name Last Action

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\drivers\epdotu77.sys Object is locked skipped

C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\ffudf.exe Infected: Backdoor.Win32.Agent.ahj skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\jsefusf.exe Infected: Backdoor.Win32.Agent.ahj skipped

C:\WINDOWS\system32\jsefusf.dll Infected: Backdoor.Win32.Agent.ahj skipped

C:\WINDOWS\system32\epdotu77.dll Object is locked skipped

C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_284.dat Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

C:\WINDOWS\sclgntfys.dll Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\DOCUME~1\ORDIFA~1\LOCALS~1\Temp\~DFCE0.tmp Object is locked skipped

Scan process completed.

***********************************************************************************************

RAPPORT CLEAN

Script execute en mode sans echec

Rapport clean par Malekal_morte - http://www.malekal.com

Option 2, executee le 27/02/2007 a 17:54:05,70

 

Microsoft Windows XP [version 5.1.2600]

 

*** Suppression de fichiers sur C:

 

*** Suppression des fichiers dans C:\WINDOWS\

tentative de suppression de C:\WINDOWS\EDpbw.exe

 

*** Suppression des fichiers dans C:\WINDOWS\system32

tentative de suppression de C:\WINDOWS\system32\ad_1128.exe

tentative de suppression de C:\WINDOWS\system32\dufs1.exe

 

tentative de suppression de "C:\Program Files\Fichiers communs\CPUSH\"

 

*** Suppression des clefs du registre effectuee..

*** Fin du rapport !

***********************************************************************************************

Logfile of HijackThis v1.99.1

Scan saved at 19:31:50, on 27/02/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

C:\Program Files\Rainlendar\Rainlendar.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\mssys32.exe

C:\Program Files\Mozilla Firefox\firefox.exe

D:\Telechargement\scanner.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {A4BC11D3-1D10-17D1-13D4-943BB236A5D0} - C:\WINDOWS\system32\mshtmll.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [mshtmll] regsvr32 /s C:\WINDOWS\system32\mshtmll.dll

O4 - HKCU\..\Run: [mssys32] C:\WINDOWS\system32\mssys32.exe

O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E638575D-BAE0-4F04-8E99-B8A05836CA3C}: NameServer = 192.168.1.1

O18 - Protocol: bw+0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: sclgntfys - C:\WINDOWS\sclgntfys.dll

O23 - Service: 1FA013DE - Unknown owner - C:\WINDOWS\system32\1FA013DE.EXE (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe


Delete these two files:

C:\WINDOWS\system32\jsefusf.exe

C:\WINDOWS\system32\jsefusf.dl

- Download DiagHelp.zip to your desktop - Tutorial: http://www.malekal.com/DiagHelp/DiagHelp.php

- Do not double-click it!! Right-click the file and choose Extract All

- A new folder, DiagHelp, will be created

- Open it and double-click go.cmd (the .cmd extension may not be shown)

- A window will open; choose option 1

- The scan will start; it can take a few minutes. Let it run and press a key when prompted.

- At the end of the scan, you will be asked again to restart the computer... Once the computer has restarted, the report will open in Notepad. It is saved at C:\resultat.txt

- Copy/paste the contents of the Notepad window that opens, as follows:

-- In Notepad, click the Edit menu / Select All

-- Then the Edit menu again / Copy

-- In a new message here, right-click / Paste

In HijackThis, check this line:

O20 - Winlogon Notify: sclgntfys - C:\WINDOWS\sclgntfys.dll

--> click Fix checked

Post a new HijackThis report.


Delete these two files:

C:\WINDOWS\system32\jsefusf.exe

C:\WINDOWS\system32\jsefusf.dl --- Unable to delete it

C:\WINDOWS\System32\pngfllt.txt -->27/02/2007 20:23:16

C:\WINDOWS\System32\ntoskrnl.ini -->27/02/2007 20:21:26

C:\WINDOWS\System32\jsds3utj.dat -->27/02/2007 20:21:24

C:\WINDOWS\System32\mshtmll.dll -->27/02/2007 20:21:08

C:\WINDOWS\System32\jsefusf.dll -->27/02/2007 20:21:06

C:\WINDOWS\System32\ffudf.exe -->27/02/2007 20:21:06

C:\WINDOWS\System32\index.dat -->27/02/2007 19:54:10

C:\WINDOWS\System32\mssys32.exe -->27/02/2007 18:26:10

C:\WINDOWS\System32\12.exe -->27/02/2007 13:04:48

C:\WINDOWS\System32\1FA013DE.dat -->27/02/2007 13:04:36

C:\WINDOWS\System32\2100qqgm.exe -->27/02/2007 08:11:12

C:\WINDOWS\System32\JOTYDJ.AAB -->27/02/2007 07:55:00

C:\WINDOWS\System32\OTXCIOTY.DLL -->27/02/2007 07:55:00

C:\WINDOWS\System32\KPUAEJO.DLL -->27/02/2007 07:55:00

C:\WINDOWS\System32\1k8mu7iJg.dll -->27/02/2007 07:54:44

C:\WINDOWS\System32\WBGLSXDHMRWB.OKC -->27/02/2007 07:18:08

C:\WINDOWS\System32\stf1.jpg -->27/02/2007 07:12:54

C:\WINDOWS\System32\dsffdsg22.st -->26/02/2007 22:17:28

C:\WINDOWS\System32\jds1172520951.web -->26/02/2007 21:15:58

C:\WINDOWS\System32\mscpx32r.det -->26/02/2007 21:15:54

C:\WINDOWS\System32\mprmsgse.axz -->26/02/2007 20:32:20

C:\WINDOWS\System32\stf2.jpg -->26/02/2007 18:49:36

C:\WINDOWS\System32\LRXEJOT.DLL -->26/02/2007 18:44:54

C:\WINDOWS\System32\110-5637-107 -->26/02/2007 18:40:32

C:\WINDOWS\System32\94-5637-107 -->26/02/2007 18:40:28

 

C:\WINDOWS.log -->27/02/2007 20:22:04

C:\WINDOWS\wiadebug.log -->27/02/2007 20:21:26

C:\WINDOWS\bootstat.dat -->27/02/2007 20:20:50

C:\WINDOWS\WindowsUpdate.log -->27/02/2007 20:19:16

C:\WINDOWS\setupapi.log -->27/02/2007 18:26:50

C:\WINDOWS\setupact.log -->27/02/2007 17:54:26

C:\WINDOWS\setuperr.log -->27/02/2007 17:54:22

C:\WINDOWS\ntbtlog.txt -->27/02/2007 17:51:02

C:\WINDOWS\SchedLgU.Txt -->27/02/2007 17:49:26

C:\WINDOWS\wiaservc.log -->27/02/2007 17:49:26

C:\WINDOWS\spoollist.txt -->27/02/2007 17:40:18

C:\WINDOWS23.txt -->27/02/2007 13:05:48

C:\WINDOWS\temp.exe -->27/02/2007 08:14:48

C:\WINDOWS\Sti_Trace.log -->27/02/2007 08:11:08

C:\WINDOWS\tsc.ini -->26/02/2007 22:08:38

 

 

Le volume dans le lecteur C s'appelle ORDI FIXE

Le numéro de série du volume est 1701-08F7

 

Répertoire de C:\WINDOWS\system32

 

03/08/2004 22:54 6 144 csrss.exe

1 fichier(s) 6 144 octets

0 Rép(s) 14 924 382 208 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C s'appelle ORDI FIXE

Le numéro de série du volume est 1701-08F7

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

01/01/2003 01:53 <REP> .

01/01/2003 01:53 <REP> ..

01/01/2003 01:53 65 desktop.ini

26/05/2005 04:19 291 wuweb.inf

09/11/2006 14:36 5 019 swflash.inf

15/11/2006 14:20 251 368 ExentCtl.ocx

31/05/2006 04:15 10 oscan81.ocx_x

14/03/2005 14:38 126 live.ini

14/03/2005 14:58 7 073 scanoptions.tsi

16/03/2005 12:34 7 407 lang.ini

25/05/2006 01:21 53 248 ipsupd.dll

25/05/2006 01:21 118 784 bdupd.dll

07/12/2004 17:07 32 libfn.dll

07/12/2004 17:07 32 bdcore.dll

01/06/2006 02:54 471 040 oscan8.ocx

01/06/2006 02:57 1 331 oscan8.inf

02/11/2005 18:07 435 712 xscan53.ocx

02/11/2005 18:01 1 777 xscan.inf

08/08/2006 11:45 576 kavwebscan.inf

17 fichier(s) 1 353 891 octets

 

Total des fichiers listés :

17 fichier(s) 1 353 891 octets

2 Rép(s) 14 924 382 208 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

 

 

 

Liste des programmes installes

 

Ad-Aware SE Professional

Adobe Flash Player 9 ActiveX

Adobe Reader 8 - Français

Adsense based PopAd

Archiveur WinRAR

ATI - Software Uninstall Utility

ATI Catalyst Control Center

ATI Display Driver

ATI HYDRAVISION

avast! Antivirus

AVG Anti-Spyware 7.5

CCleaner (remove only)

Creative Mass Storage Drivers

Creative Mass Storage Drivers

Creative MediaSource

Creative System Information

Creative Zen Nano Plus

EPSON Logiciel imprimante

EPSON Logiciel imprimante

Hewlett-Packard Extended Keyboard

HijackThis 1.99.1

HP Precisionscan Pro 3.1

K!TV

Kaspersky Online Scanner

Livebox

Logitech Audio Echo Cancellation Component

Logitech Desktop Messenger

Logitech QuickCam

Logitech Video Enumerator

Microsoft .NET Framework 1.1

Mozilla Firefox (2.0.0.2)

Mozilla Thunderbird (1.5)

NEC-Mitsubishi NaViSet

NEC-Mitsubishi NaViSet

Nero 7 Ultra Edition

NVIDIA Drivers

OpenOffice.org 2.1

Programme de gestion Camera de Logitech®

Rainlendar (remove only)

Realtek AC'97 Audio

Spybot - Search & Destroy 1.4

Themexp.org File

VideoLAN VLC media player 0.8.4a

Winamp (remove only)

Windows Installer 3.1 (KB893803)

Windows Live Messenger

Windows Media Format Runtime

Ziepod 0.99.8

Zion++ Vert 2.16

 

 

 

Le volume dans le lecteur C s'appelle ORDI FIXE

Le numéro de série du volume est 1701-08F7

 

Répertoire de C:\Program Files

 

01/01/2003 01:46 <REP> .

01/01/2003 01:46 <REP> ..

14/01/2007 20:01 <REP> Adobe

01/01/2003 02:34 <REP> Alwil Software

01/01/2003 02:18 <REP> ATI Technologies

28/01/2007 21:15 <REP> Boonty

01/01/2003 02:35 <REP> CCleaner

01/01/2003 01:51 <REP> ComPlus Applications

01/01/2003 02:47 <REP> Creative

11/02/2007 10:38 <REP> DAEMON Tools

01/01/2003 02:26 <REP> EPSON

01/01/2003 01:46 <REP> Fichiers communs

27/02/2007 07:17 <REP> Grisoft

31/01/2007 12:53 <REP> Hewlett-Packard

01/01/2003 01:51 <REP> Internet Explorer

13/01/2007 18:21 <REP> K!TV

01/01/2003 02:35 <REP> Lavasoft

01/01/2003 03:12 <REP> Logitech

01/01/2003 01:50 <REP> Messenger

01/01/2003 01:55 <REP> microsoft frontpage

01/01/2003 01:52 <REP> Movie Maker

01/01/2003 03:44 <REP> MozBackup

01/01/2003 02:35 <REP> Mozilla Firefox

01/01/2003 02:35 <REP> Mozilla Thunderbird

01/01/2003 01:50 <REP> MSN

01/01/2003 01:50 <REP> MSN Gaming Zone

01/01/2003 03:53 <REP> MSN Messenger

28/01/2007 21:16 <REP> My Downloaded Games

01/01/2003 02:23 <REP> NEC-Mitsubishi

30/01/2007 08:03 <REP> Nero

01/01/2003 01:52 <REP> NetMeeting

01/01/2003 01:51 <REP> Online Services

14/01/2007 17:45 <REP> OpenOffice.org 2.1

01/01/2003 01:52 <REP> Outlook Express

11/02/2007 10:39 <REP> Pinnacle

21/01/2007 09:25 <REP> Rainlendar

08/02/2007 07:49 <REP> regseek

01/01/2003 03:38 <REP> SAGEM

01/01/2003 01:53 <REP> Services en ligne

26/02/2007 18:40 <REP> SoftToolbar

01/01/2003 02:36 <REP> Spybot - Search & Destroy

28/01/2007 20:44 <REP> Systran

18/01/2007 18:12 <REP> themexp

01/01/2003 02:36 <REP> VideoLAN

01/01/2003 02:38 <REP> Winamp

01/01/2003 01:51 <REP> Windows Media Player

01/01/2003 01:50 <REP> Windows NT

01/01/2003 02:37 <REP> WinRAR

01/01/2003 02:58 <REP> WinTV

01/01/2003 01:55 <REP> xerox

14/01/2007 07:50 <REP> Ziepod

28/01/2007 08:40 <REP> Zion++

0 fichier(s) 0 octets

52 Rép(s) 14 924 251 136 octets libres

Le volume dans le lecteur C s'appelle ORDI FIXE

Le numéro de série du volume est 1701-08F7

 

Répertoire de C:\Program Files\fichiers communs

 

01/01/2003 01:46 <REP> .

01/01/2003 01:46 <REP> ..

01/01/2003 01:46 <REP> Microsoft Shared

01/01/2003 01:46 <REP> SpeechEngines

01/01/2003 01:46 <REP> ODBC

01/01/2003 01:51 <REP> System

01/01/2003 01:52 <REP> MSSoap

01/01/2003 01:52 <REP> Services

01/01/2003 02:14 <REP> InstallShield

01/01/2003 02:27 <REP> EPSON

01/01/2003 03:12 <REP> Logitech

14/01/2007 20:01 <REP> Adobe

28/01/2007 21:17 <REP> Macrovision Shared

30/01/2007 08:03 <REP> Ahead

31/01/2007 12:53 <REP> Hewlett-Packard

26/02/2007 18:40 <REP> WANSO

0 fichier(s) 0 octets

16 Rép(s) 14 924 251 136 octets libres

Le volume dans le lecteur C s'appelle ORDI FIXE

Le numéro de série du volume est 1701-08F7

 

Répertoire de C:\

 

11/11/2001 00:00 68 096 diff.exe

27/08/2006 14:10 103 424 grep.exe

2 fichier(s) 171 520 octets

0 Rép(s) 14 924 251 136 octets libres

c:\Documents and Settings\Ordi Famille\Local Settings\Temp\1001.exe

c:\Documents and Settings\Ordi Famille\Local Settings\Temp\1059.exe

c:\Documents and Settings\Ordi Famille\Local Settings\Temp\ad1830.exe

c:\Documents and Settings\Ordi Famille\Local Settings\Temp\bind_50202.exe

c:\Documents and Settings\Ordi Famille\Local Settings\Temp\kill.exe

c:\Documents and Settings\Ordi Famille\Local Settings\Temporary Internet Files\Content.IE5\8LMZO1ER\alading[1].exe

c:\Documents and Settings\Ordi Famille\Bureau\clean\pskill.exe

c:\Documents and Settings\Ordi Famille\Bureau\DiagHelp\diff.exe

c:\Documents and Settings\Ordi Famille\Bureau\DiagHelp\FilesInfoCmd.exe

c:\Documents and Settings\Ordi Famille\Bureau\DiagHelp\Fport.exe

c:\Documents and Settings\Ordi Famille\Bureau\DiagHelp\grep.exe

c:\Documents and Settings\Ordi Famille\Bureau\DiagHelp\LFiles.exe

c:\Documents and Settings\Ordi Famille\Bureau\DiagHelp\LISTDLLS.exe

c:\Documents and Settings\Ordi Famille\Bureau\DiagHelp\pslist.exe

c:\Documents and Settings\Ordi Famille\Bureau\DiagHelp\streams.exe

c:\Documents and Settings\Ordi Famille\Bureau\DiagHelp\swreg.exe

c:\Documents and Settings\Ordi Famille\Application Data\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe

c:\Documents and Settings\Ordi Famille\Application Data\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll

c:\Documents and Settings\Ordi Famille\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll

c:\Documents and Settings\Ordi Famille\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll

 

Liste des drivers...

 

***********************************************************************************

Logfile of HijackThis v1.99.1

Scan saved at 20:32:09, on 27/02/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

C:\Program Files\Rainlendar\Rainlendar.exe

C:\WINDOWS\system32\mssys32.exe

C:\Program Files\Mozilla Firefox\firefox.exe

D:\Telechargement\scanner.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hao123.union123.com/index.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {A4BC11D3-1D10-17D1-13D4-943BB236A5D0} - C:\WINDOWS\system32\mshtmll.dll

O2 - BHO: (no name) - {C4B517D3-1813-13D3-18D3-2435B936A0A0} - C:\WINDOWS\system32\mshtmll.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [mshtmll] regsvr32 /s C:\WINDOWS\system32\mshtmll.dll

O4 - HKCU\..\Run: [mssys32] C:\WINDOWS\system32\mssys32.exe

O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E638575D-BAE0-4F04-8E99-B8A05836CA3C}: NameServer = 192.168.1.1

O18 - Protocol: bw+0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {7EB594B5-7A72-4CAB-AFBD-ECB7A63B1AA2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: sclgntfys - C:\WINDOWS\sclgntfys.dll

O23 - Service: 1FA013DE - Unknown owner - C:\WINDOWS\system32\1FA013DE.EXE (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: jsefusf - Unknown owner - C:\WINDOWS\system32\jsefusf.exe (file missing)

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe


Download and install:

KillBox by Option^Explicit

KillBox help

Select the entire list below:

 

C:\WINDOWS\System32\mssys32.exe

C:\WINDOWS\System32\jsefusf.dll

C:\WINDOWS\System32\12.exe

C:\WINDOWS\System32\2100qqgm.exe

C:\WINDOWS\System32\JOTYDJ.AAB

C:\WINDOWS\System32\OTXCIOTY.DLL

C:\WINDOWS\System32\KPUAEJO.DLL

C:\WINDOWS\System32\1k8mu7iJg.dll

C:\WINDOWS\3030.exe

C:\WINDOWS\temp.exe

C:\WINDOWS\hbrVJ.exe

C:\WINDOWS\system32\mshtmll.dll

C:\WINDOWS\sclgntfys.dll

 

---> then right-click / Copy

Open KillBox

- Select "delete on reboot"

- Click the "File" menu -> "Paste from Clipboard"

- Click All Files

- Click the red and white cross

- Answer Yes and let your PC restart.

Feel free to consult the KillBox help

NOTE: If you get the message "PendingFileRenameOperations Registry Data has been removed by external process!" and the computer does not restart, restart it manually ---> Start menu / Shut down / Restart the computer

After the restart, run KillBox again, then click the File menu -> Log -> Actions History Log

Post the report here

then:

In HijackThis, check these lines:

 

O2 - BHO: (no name) - {A4BC11D3-1D10-17D1-13D4-943BB236A5D0} - C:\WINDOWS\system32\mshtmll.dll

O4 - HKCU\..\Run: [mshtmll] regsvr32 /s C:\WINDOWS\system32\mshtmll.dll

O4 - HKCU\..\Run: [mssys32] C:\WINDOWS\system32\mssys32.exe

O20 - Winlogon Notify: sclgntfys - C:\WINDOWS\sclgntfys.dll

 

--> click Fix checked

- Start / Run / type services.msc

- Find jsefusf in the list

- Double-click it and set the startup type to Disabled

- Find 1FA013DE in the list

- Double-click it and set the startup type to Disabled

I would like to see the AVG Anti-Spyware report....

Post a new HijackThis report.

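A log like the one posted above can be cross-checked before any entry is fixed or any file deleted. The following Python code is an added example, not part of the original posts: it uses lines copied from the log in this thread, reports images referenced from more than one HijackThis section, and compares each O23 "(file missing)" entry with the running-process list. The function names and both checks are this example's own heuristics, not HijackThis features; a hit is a prompt for review, not a verdict.

```python
import re
from collections import defaultdict

# Lines copied from the HijackThis log posted in this thread (abridged).
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\services.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\mssys32.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {A4BC11D3-1D10-17D1-13D4-943BB236A5D0} - C:\WINDOWS\system32\mshtmll.dll
O2 - BHO: (no name) - {C4B517D3-1813-13D3-18D3-2435B936A0A0} - C:\WINDOWS\system32\mshtmll.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [mshtmll] regsvr32 /s C:\WINDOWS\system32\mshtmll.dll
O4 - HKCU\..\Run: [mssys32] C:\WINDOWS\system32\mssys32.exe
O20 - Winlogon Notify: sclgntfys - C:\WINDOWS\sclgntfys.dll
O23 - Service: 1FA013DE - Unknown owner - C:\WINDOWS\system32\1FA013DE.EXE (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: jsefusf - Unknown owner - C:\WINDOWS\system32\jsefusf.exe (file missing)
"""

ENTRY = re.compile(r"^([A-Z]\d+) - (.+)$")            # e.g. "O4 - ..."
IMAGE = re.compile(r'[A-Za-z]:\\[^"<>|*?]*?\.(?:exe|dll)\b', re.IGNORECASE)


def parse(log):
    """Return (running, entries): running is a set of lower-cased process
    paths, entries a list of (section code, lower-cased image or None, line)."""
    running, entries, in_processes = set(), [], False
    for line in (raw.strip() for raw in log.splitlines()):
        if not line:
            continue
        m = ENTRY.match(line)
        if m:
            in_processes = False
            image = IMAGE.search(m.group(2))
            entries.append((m.group(1), image.group(0).lower() if image else None, line))
        elif line.lower().startswith("running processes"):
            in_processes = True
        elif in_processes:
            running.add(line.lower())
    return running, entries


def shared_across_sections(entries):
    """Images referenced from two or more different section codes."""
    sections = defaultdict(set)
    for code, image, _ in entries:
        if image:
            sections[image].add(code)
    return {img: sorted(codes) for img, codes in sections.items() if len(codes) > 1}


def missing_services(running, entries):
    """O23 entries marked '(file missing)', paired with whether the same
    image is nevertheless in the running-process list."""
    return [(image, image in running)
            for code, image, line in entries
            if code == "O23" and image and line.endswith("(file missing)")]


if __name__ == "__main__":
    running, entries = parse(SAMPLE_LOG)
    for image, codes in shared_across_sections(entries).items():
        print("referenced from", ", ".join(codes), "->", image)
    for image, is_running in missing_services(running, entries):
        note = "but listed as running" if is_running else "not running"
        print("O23 file missing,", note, "->", image)
```

On these lines, mshtmll.dll is the only image referenced from two sections (O2 and O4), and the avast! Mail Scanner service is marked "(file missing)" although ashMaiSv.exe is in the process list, so that marker alone does not establish that a file is absent.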
