2furious4u2a

Problem with WinFixer 2005


Hello everyone,

Like some of you, I have a problem with WinFixer and I can't get rid of it.

I installed AntiVir and ran it in safe mode; then, as indicated in another post, I ran and saved the following report:

 

Logfile of HijackThis v1.99.1

Scan saved at 12:22:18, on 28/08/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Stardock\SDMCP.exe

C:\WINDOWS\Explorer.EXE

C:\Documents and Settings\Roch\Mes documents\Web download\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

O1 - Hosts: 213.219.251.78 www.google.com

O1 - Hosts: 213.219.251.78 google.com

O1 - Hosts: 213.219.251.78 www.google.co.uk

O1 - Hosts: 213.219.251.78 google.co.uk

O1 - Hosts: 213.219.251.78 www.google.ca

O1 - Hosts: 213.219.251.78 google.ca

O1 - Hosts: 213.219.251.78 www.google.es

O1 - Hosts: 213.219.251.78 google.es

O1 - Hosts: 213.219.251.78 www.google.de

O1 - Hosts: 213.219.251.78 google.de

O1 - Hosts: 213.219.251.78 www.google.fr

O1 - Hosts: 213.219.251.78 google.fr

O1 - Hosts: 213.219.251.78 www.google.com.au

O1 - Hosts: 213.219.251.78 google.com.au

O1 - Hosts: 213.219.251.79 www.yahoo.com

O1 - Hosts: 213.219.251.79 yahoo.com

O1 - Hosts: 66.218.75.184 mail.yahoo.com

O1 - Hosts: 213.219.251.80 www.msn.com

O1 - Hosts: 213.219.251.80 msn.com

O1 - Hosts: 213.219.251.80 search.msn.com

O1 - Hosts: 213.219.251.80 www.search.msn.com

O1 - Hosts: 213.219.251.80 go.com

O1 - Hosts: 213.219.251.80 www.go.com

O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)

O2 - BHO: WebBlinds - {4F92B827-1E56-4E30-A978-A17A7861A606} - C:\PROGRA~1\OBJECT~1\WEBBLI~1\webblinds.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSEvents Object - {B8B55274-0F9A-41E5-9067-A3539BD9E860} - C:\WINDOWS\java\classes\odbcps.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: C:\WINDOWS\system32\ssf.dll - {CA31B41F-1B7D-42D2-A4D3-BC4A13341124} - C:\WINDOWS\system32\ssf.dll (file missing)

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe

O4 - HKLM\..\Run: [Yjzwibew] C:\Program Files\Ygctl\Yamgc.exe

O4 - HKLM\..\Run: [FTP Server] C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe

O4 - HKLM\..\Run: [JVM0.14] C:\WINDOWS\system32\lnmqt.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe

O4 - HKLM\..\Run: [NI.UWFX5LP_0001_0614] "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWFX5LP_0001_0614NetInstaller.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_med_nostra.exe

O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.browserplugin.com/eroticAccess/...01@medicvin.cab

O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc...e/bridge-c5.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {9B4AA442-9EBF-11D5-8C11-0050DA4957F5} - http://www.xs4all.nl/~kuhljf/nl.exe

O16 - DPF: {BF3CD111-6278-11D2-9EA3-00A0C9251384} (O2C-Player Version 1.x) - http://www.o2c.de/download/O2CPlayer.CAB

O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp07.photoprintit.de/microsite/572...geUploader3.cab

O18 - Protocol: bw+0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: MCPClient - C:\Program Files\Fichiers communs\Stardock\mcpstub.dll

O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll

O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

 

 

I then restarted in normal mode, but I am still infected by WinFixer 2005.

Thank you for your help; I hope someone finds a solution to my problem.

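A triage sketch for a log like the one posted above, added here as an example and not part of the original thread or of HijackThis itself. It parses the entry lines, groups `O1` hosts-file overrides by /24 network and lists entries whose target file is absent; the sample is a short excerpt of the posted log, and all function names are illustrative.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Excerpt of the HijackThis log posted above (a few lines per section).
SAMPLE_LOG = r"""
R3 - Default URLSearchHook is missing
O1 - Hosts: 213.219.251.78 www.google.com
O1 - Hosts: 213.219.251.78 google.fr
O1 - Hosts: 213.219.251.79 www.yahoo.com
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 213.219.251.80 www.msn.com
O1 - Hosts: 213.219.251.80 go.com
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: C:\WINDOWS\system32\ssf.dll - {CA31B41F-1B7D-42D2-A4D3-BC4A13341124} - C:\WINDOWS\system32\ssf.dll (file missing)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
"""

# An entry line is "<section code> - <body>", e.g. "O1 - Hosts: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
HOSTS_RE = re.compile(r"^Hosts:\s+(\S+)\s+(\S+)")
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_entries(text):
    """Return (section_code, body) for every entry line; headers and the
    process list do not match the pattern and are skipped."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def hosts_overrides(entries):
    """Group O1 hosts-file entries by /24 network.

    Loopback and 0.0.0.0 targets are skipped: those are the usual
    blocklist pattern, not a redirection to another server.
    """
    by_net = defaultdict(list)
    for code, body in entries:
        match = HOSTS_RE.match(body) if code == "O1" else None
        if not match:
            continue
        try:
            ip = ipaddress.IPv4Address(match.group(1))
        except ValueError:
            continue  # not an IPv4 literal, leave for manual review
        if ip.is_loopback or ip.is_unspecified:
            continue
        net = ipaddress.ip_network(f"{ip}/24", strict=False)
        by_net[str(net)].append(match.group(2))
    return {net: sorted(names) for net, names in by_net.items()}


def orphaned_references(entries):
    """Entries whose registered file is absent, as flagged by HijackThis."""
    return [(c, b) for c, b in entries if b.endswith(ORPHAN_MARKERS)]


def section_counts(entries):
    """Number of entries per section code (R3, O1, O2, ...)."""
    return Counter(code for code, _ in entries)


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    print("entries per section:", dict(section_counts(parsed)))
    for net, names in hosts_overrides(parsed).items():
        print(f"hosts overrides into {net}: {', '.join(names)}")
    for code, body in orphaned_references(parsed):
        print(f"orphaned {code}: {body}")
```

Several unrelated sites resolving into one /24 through the hosts file is the pattern to look at first; a single override on its own needs checking against the site's real address before drawing a conclusion.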

Hello 2furious4u2a, hello everyone,

Welcome to Zeb'Sécurité! Thank you for coming to our forum! :P

C:\Program Files\Fichiers communs\Stardock\SDMCP.exe
Did you launch this program yourself?

Do you have any idea why it is present among the running processes?

I am starting an analysis of your HijackThis report... reply within 15-20 minutes!


Hello again 2furious4u2a, hello again everyone,

-1- Print these instructions or save them in a .txt file so that you can consult them in safe mode.

-2- Download and install EasyCleaner by Toni Helenius ( http://personal.inet.fi/business/toniarts/ecleane.htm )

-3- Restart the computer in safe mode.

-4- Uninstall these applications (if you find them) in Add/Remove Programs:

--- AdTools Service

--- Ygctl or Yjzwibew or Yamgc

--- Media Access

--- winfixer

Some of these lines may no longer appear because of the cleaning already done.

-5- Run a HijackThis scan again, click "Do a system scan only" and tick the lines below:

(I am having you fix all the O16 and O18 lines)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

O1 - Hosts: 213.219.251.78 www.google.com

O1 - Hosts: 213.219.251.78 google.com

O1 - Hosts: 213.219.251.78 www.google.co.uk

O1 - Hosts: 213.219.251.78 google.co.uk

O1 - Hosts: 213.219.251.78 www.google.ca

O1 - Hosts: 213.219.251.78 google.ca

O1 - Hosts: 213.219.251.78 www.google.es

O1 - Hosts: 213.219.251.78 google.es

O1 - Hosts: 213.219.251.78 www.google.de

O1 - Hosts: 213.219.251.78 google.de

O1 - Hosts: 213.219.251.78 www.google.fr

O1 - Hosts: 213.219.251.78 google.fr

O1 - Hosts: 213.219.251.78 www.google.com.au

O1 - Hosts: 213.219.251.78 google.com.au

O1 - Hosts: 213.219.251.79 www.yahoo.com

O1 - Hosts: 213.219.251.79 yahoo.com

O1 - Hosts: 66.218.75.184 mail.yahoo.com

O1 - Hosts: 213.219.251.80 www.msn.com

O1 - Hosts: 213.219.251.80 msn.com

O1 - Hosts: 213.219.251.80 search.msn.com

O1 - Hosts: 213.219.251.80 www.search.msn.com

O1 - Hosts: 213.219.251.80 go.com

O1 - Hosts: 213.219.251.80 www.go.com

O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)

 

O2 - BHO: MSEvents Object - {B8B55274-0F9A-41E5-9067-A3539BD9E860} - C:\WINDOWS\java\classes\odbcps.dll

 

O2 - BHO: C:\WINDOWS\system32\ssf.dll - {CA31B41F-1B7D-42D2-A4D3-BC4A13341124} - C:\WINDOWS\system32\ssf.dll (file missing)

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

 

O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe

O4 - HKLM\..\Run: [Yjzwibew] C:\Program Files\Ygctl\Yamgc.exe

 

O4 - HKLM\..\Run: [JVM0.14] C:\WINDOWS\system32\lnmqt.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

 

O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe

O4 - HKLM\..\Run: [NI.UWFX5LP_0001_0614] "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWFX5LP_0001_0614NetInstaller.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

 

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

 

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

 

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_med_nostra.exe

O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.browserplugin.com/eroticAccess/...01@medicvin.cab

O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc...e/bridge-c5.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {9B4AA442-9EBF-11D5-8C11-0050DA4957F5} - http://www.xs4all.nl/~kuhljf/nl.exe

O16 - DPF: {BF3CD111-6278-11D2-9EA3-00A0C9251384} (O2C-Player Version 1.x) - http://www.o2c.de/download/O2CPlayer.CAB

O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp07.photoprintit.de/microsite/572...geUploader3.cab

O18 - Protocol: bw+0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {8F2F3104-E235-4F55-A65E-2FFF09B91D4B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

 

O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll

-6- Close all windows except HijackThis and "Fix Checked".

-7- Delete the offending files/folders (if they still exist) using Windows Explorer:

--- C:\WINDOWS\system32\lnmqt.exe

--- C:\Program Files\AdTools Service (delete the folder)

--- C:\Program Files\Ygctl (delete the folder)

--- C:\Program Files\Media Access (delete the folder)

--- C:\WINDOWS\Downloaded Program Files\CONFLICT.2 (delete the folder)

In case of difficulty, check the file display option, the "Read-only" attributes, etc.

- remove unneeded files with EasyCleaner-Inutile(s)

- empty any quarantine areas

- clean the registry with EasyCleaner-Registre

-8- Rename the following files! I am having you rename them because they are unknown to me and I don't want to lose them, just make them inactive (for now); I suggest using a name made of the name-hyphen-the extension.anc:

--- C:\WINDOWS\java\classes\odbcps.dll

If everything is fine in 2 days, you will delete them.

-9- Restart the computer in normal mode and post a new HijackThis report for verification.

-10- What about any malfunctions?

This concerns cleaning from a malware standpoint; once your computer is nice and clean, we can go further and talk about optimizing your system!


... edited by ipl_001: there is no need for you to reproduce my message, I have read it! LOL

There are 2 "Reply" buttons; normally, use the one between "Flash" and "Options"

thanks a lot ipl 001.

I'm going to try and I'll post my new report right after.

finally a forum where you find nice and competent people to help computer newbies.


there, I have just run your procedure, except that I could not rename the file odbcps.dll because it is in use by another resource, even in safe mode.

here is the HijackThis report before restarting in normal mode

 

Logfile of HijackThis v1.99.1

Scan saved at 17:48:15, on 28/08/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Stardock\SDMCP.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\System32\LVComsX.exe

C:\Program Files\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: WebBlinds - {4F92B827-1E56-4E30-A978-A17A7861A606} - C:\PROGRA~1\OBJECT~1\WEBBLI~1\webblinds.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSEvents Object - {B8B55274-0F9A-41E5-9067-A3539BD9E860} - C:\WINDOWS\java\classes\odbcps.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [FTP Server] C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [NI.UWA5PLP_0001_0721] "C:\WINDOWS\Downloaded Program Files\UWA5PLP_0001_0721NetInstaller.exe"

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\PROGRA~1\GADWIN~1\PRINTS~1\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\Azureus\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [FreeGo] C:\Documents and Settings\Roch\FreeGo.exe

O4 - HKCU\..\Run: [Mwp9Rjcqg] tcpaint.exe

O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.coolwebsearch.com

O15 - Trusted Zone: *.searchmeup.com

O20 - Winlogon Notify: MCPClient - C:\Program Files\Fichiers communs\Stardock\mcpstub.dll

O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll

O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

 

and here now is the report after starting in normal mode

 

Logfile of HijackThis v1.99.1

Scan saved at 17:54:35, on 28/08/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVPersonal\AVWUPSRV.EXE

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\NMSSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

C:\Program Files\Fichiers communs\Stardock\SDMCP.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\LVCOMSX.EXE

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe

C:\WINDOWS\Mixer.exe

C:\PROGRA~1\GADWIN~1\PRINTS~1\PrintScreen.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\CursorXP\CursorXP.exe

C:\Program Files\No-IP\DUC20.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\HijackThis\HijackThis.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: WebBlinds - {4F92B827-1E56-4E30-A978-A17A7861A606} - C:\PROGRA~1\OBJECT~1\WEBBLI~1\webblinds.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSEvents Object - {B8B55274-0F9A-41E5-9067-A3539BD9E860} - C:\WINDOWS\java\classes\odbcps.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [FTP Server] C:\DOCUME~1\Roch\MESDOC~1\SERVEU~1\FTPSRV~1\ftpserv.exe

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [NI.UWA5PLP_0001_0721] "C:\WINDOWS\Downloaded Program Files\UWA5PLP_0001_0721NetInstaller.exe"

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\PROGRA~1\GADWIN~1\PRINTS~1\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\Azureus\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [FreeGo] C:\Documents and Settings\Roch\FreeGo.exe

O4 - HKCU\..\Run: [Mwp9Rjcqg] tcpaint.exe

O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.coolwebsearch.com

O15 - Trusted Zone: *.searchmeup.com

O20 - Winlogon Notify: MCPClient - C:\Program Files\Fichiers communs\Stardock\mcpstub.dll

O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll

O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

 

there, what should I do now?


-download Spybot S&D and update it:

http://www.safer-networking.org/fr/index.html

-download CWshredder:

http://www.intermute.com/spysubtract/cwshr...r_download.html

-Download and unzip Hoster by ToadBee:

http://www.funkytoad.com/hoster.htm

-restart the PC in safe mode (since you won't have Internet access, you will have copied these instructions into a text file beforehand)

-Make sure you have access to all files.

Start, My Computer or another folder, Tools menu, Folder Options, View tab:

Check the box: Show hidden files and folders

Uncheck the box: Hide extensions for known file types

Uncheck the box: Hide protected operating system files

Then Apply

Start > Settings > Control Panel > Add/Remove Programs

If this program is listed:

-winfixer => uninstall it.

-Start Hijackthis, Do a system scan only, make sure the box Make Backups before fixing items is checked, and tick the following lines:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02

O2 - BHO: MSEvents Object - {B8B55274-0F9A-41E5-9067-A3539BD9E860} - C:\WINDOWS\java\classes\odbcps.dll

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [NI.UWA5PLP_0001_0721] "C:\WINDOWS\Downloaded Program Files\UWA5PLP_0001_0721NetInstaller.exe"

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\Azureus\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [FreeGo] C:\Documents and Settings\Roch\FreeGo.exe

O4 - HKCU\..\Run: [Mwp9Rjcqg] tcpaint.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

 

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)

 

O15 - Trusted Zone: *.coolwebsearch.com

O15 - Trusted Zone: *.searchmeup.com

 

O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll

-Close all windows and all programs, and click Fix checked

-Delete the offending files/folders (if they still exist):

-C:\WINDOWS\Downloaded Program Files\UWA5PLP_0001_0721NetInstaller.exe

-C:\WINDOWS\java\classes\odbcps.dll

-probably in Windows\System32 => tcpaint.exe

if you can't find it, use the search function in Explorer.

2furious4u2a, the problems you are running into are largely due to this:

C:\Program Files\Azureus\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe

if I were you I would say goodbye to Peeguard and Azureus!!

-Run CWShredder and click fix

-Run Hoster and click "Restore Original Hosts"

-Run Spybot S&D => "check all" and remove what it tells you to. Give us the report if you can

-uninstall one antivirus, because you now have two!

-Run EasyCleaner, Inutiles and Registre only. Don't touch the duplicates function.

-restart and post a new HijackThis log

edit: ipl, I'm pinching your log :P let's see what S&D does with Winfixer!

Edited by charles ingals

Guest tesgaz

well, well,

funny to see that between the 1st and the 2nd log, a P2P log turns up as if by chance :P

this one should also be deleted as a file:

C:\Documents and Settings\Roch\FreeGo.exe

Edited by tesgaz


hi everyone

this one should also be deleted as a file:

C:\Documents and Settings\Roch\FreeGo.exe

hi tesgaz :P I saw that people were being told to uninstall this program on some forums, and the only info I found is this =>

FreeGo is software for playing :P if 2furious4u2a wants to tell us more!

funny to see that between the 1st and the 2nd log, a P2P log turns up as if by chance

:-P:-(:P

Guest tesgaz

charles,

an .exe at the root of \documents and settings\user\

is always very, very, very suspicious :P

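Added example, not part of any post in this thread: a small Python triage pass over HijackThis entries that mechanizes the kinds of manual checks the helpers apply above (Run values with no path, an .exe sitting directly in a user profile, Trusted Zone additions, a Winlogon Notify DLL in an unusual folder) and reports entries that were ticked for fixing but reappear in a later scan. The rules, reason labels and function names are illustrative assumptions; a flag means "look at this by hand", not "malicious".

```python
import re

# Entries excerpted from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [FreeGo] C:\Documents and Settings\Roch\FreeGo.exe
O4 - HKCU\..\Run: [Mwp9Rjcqg] tcpaint.exe
O15 - Trusted Zone: *.coolwebsearch.com
O20 - Winlogon Notify: MCPClient - C:\Program Files\Fichiers communs\Stardock\mcpstub.dll
O20 - Winlogon Notify: odbcps - C:\WINDOWS\java\classes\odbcps.dll
"""

# The patterns below are illustrative triage rules (assumptions), not HijackThis logic.
ENTRY_RE = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
RUN_RE = re.compile(r"^(?:HKLM|HKCU)\\\.\.\\Run\w*: \[[^\]]*\] (.+)$")
# First token of a command line: a quoted path, or text up to an executable extension.
CMD_RE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|bat|cmd|scr))(?=\s|$)', re.I)
PROFILE_ROOT_RE = re.compile(
    r"^[a-z]:\\documents and settings\\[^\\]+\\[^\\]+\.exe$", re.I)
WINDIR_NOT_SYS32_RE = re.compile(r"^[a-z]:\\windows\\(?!system32\\)", re.I)


def parse_entries(log_text):
    """Return (section, body, raw_line) for each R*/O* entry; headers and the process list are skipped."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append((m.group(1), m.group(2), raw.strip()))
    return entries


def command_path(cmd):
    """Strip quotes and arguments from a Run-key command line."""
    m = CMD_RE.match(cmd.strip())
    return (m.group(1) or m.group(2)) if m else cmd.strip()


def triage(log_text):
    """Return (reason, raw_line) pairs for entries that deserve a manual look."""
    flagged = []
    for section, body, raw in parse_entries(log_text):
        if section == "O4":
            run = RUN_RE.match(body)
            if not run:
                continue  # Startup-folder shortcuts are not covered here
            path = command_path(run.group(1))
            if "\\" not in path:
                # No directory given: the log does not say which file will run
                flagged.append(("bare-filename", raw))
            elif PROFILE_ROOT_RE.match(path):
                flagged.append(("exe-in-profile-root", raw))
        elif section == "O15":
            flagged.append(("trusted-zone", raw))
        elif section == "O20":
            dll = body.rsplit(" - ", 1)[-1]
            if WINDIR_NOT_SYS32_RE.match(dll):
                flagged.append(("notify-dll-outside-system32", raw))
    return flagged


def still_present(fixed_lines, later_log):
    """Entries that were ticked for fixing but show up again in a later scan."""
    later = {raw.casefold() for _, _, raw in parse_entries(later_log)}
    return [line for line in fixed_lines if line.strip().casefold() in later]


if __name__ == "__main__":
    for reason, line in triage(SAMPLE_LOG):
        print(f"{reason:28} {line}")
```

An entry returned by `still_present` usually means the file was locked or something rewrote the registry value between scans, which matches the odbcps.dll that could not be renamed even in safe mode.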
