[Résolu] analyse rapport HijackThis suite à freeze du pc

minikisskool · le 27 janvier 2006

Bonjour,

j'avais un problème de freeze du pc suite à l'essai de suppression d'un truc bizarre dans mon dossier "Local setting\temp" : ce fichier n'avait pas d'extension et dès que mon anti virus pointait dessus, tout se bloquait !

J'avais essayé de le virer avec Kaspersky, Secuser ou manellement mais rien n'y faisait.

J'ai pu finir de nettoyer ce dossier en suivant la procédure de Mégataupe et tout semble ok maintenant mais j'aimerai quand même voir avec vous si je n'ai pas d'autre surprise en réserve !!!

Merci d'avance pour votre aide.

Donc le rapport est là :

Logfile of HijackThis v1.99.1

Scan saved at 11:21:21, on 27/01/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\drivers\CDAC11BA.EXE

C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe

C:\WINDOWS\System32\GEARSec.exe

C:\Program Files\OutSys\Norton Ghost\Agent\PQV2iSvc.exe

C:\Program Files\OutJeux\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\SAgent4.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Outils Virus\AntiVir PersonalEdition Classic\avguard.exe

C:\Outils Virus\AntiVir PersonalEdition Classic\avgnt.exe

C:\Outils Virus\AntiVir PersonalEdition Classic\sched.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\explorer.exe

C:\Outils Virus\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://static.vpptechnologies.com/playfuls...results.html?s=

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://static.vpptechnologies.com/playfuls...results.html?s=

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://static.vpptechnologies.com/playfuls...results.html?s=

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://static.vpptechnologies.com/playfuls...results.html?s=

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file)

O1 - Hosts: 216.40.230.4 desktop.kazaa.com

O1 - Hosts: 216.40.230.4 alpha.kazaa.com

O1 - Hosts: 216.40.230.4 shop.kazaa.com

O2 - BHO: (no name) - {7559B76E-0222-4d77-9499-CCE9EB4EDC2F} - (no file)

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\OUTINT\FLASHGET\jccatch.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\OUTINT\FLASHGET\fgiebar.dll

O3 - Toolbar: (no name) - {8B224779-3B0E-4FEA-8AE1-B66C20DD840F} - (no file)

O3 - Toolbar: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file)

O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\INKSE\iTouch\iTouch.exe

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [avgnt] "C:\Outils Virus\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [steam] "c:\progra~1\valve\steam\steam.ex" -silent

O4 - Global Startup: AVP Monitor.lnk = C:\Program Files\OutAntVir\AVPro\avpm.exe

O4 - Global Startup: Supervision de Photo Loader.lnk = C:\Program Files\OutImag\CASIO\Photo Loader\Plauto.exe

O8 - Extra context menu item: Download with GetRight - C:\Program Files\OutInt\GetRight\GRdownload.htm

O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\OutInt\GetRight\GRbrowse.htm

O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\OutInt\FlashGet\jc_all.htm

O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\OutInt\FlashGet\jc_link.htm

O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\OutInt\FlashGet\jc_link.htm

O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\OutInt\FlashGet\jc_all.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra button: (no name) - {44EFB53C-C965-43CF-9F45-52242D134187} - (no file)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\OUTINT\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\OUTINT\FLASHGET\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: AdShield - {4FB6C25E-7B37-4c93-B592-16ECD8D18361} - C:\WINDOWS\System32\shdocvw.dll (HKCU)

O15 - Trusted Zone: *.musicmatch.com

O15 - Trusted Zone: *.musicmatch.com (HKLM)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{A1FB2AF5-8D2C-471A-BA69-9621618E1F7D}: NameServer = 80.10.246.3,80.10.246.130

O18 - Protocol: bw+0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Outils Virus\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Outils Virus\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\OutSys\Norton Ghost\Agent\PQV2iSvc.exe

O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\OutInt\Kerio\Personal Firewall\persfw.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\OutJeux\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe

Modifié le 5 février 2006 par minikisskool

Thanos · le 27 janvier 2006

salut minikisskool,et bienvenue sur le forum

Ton pc est encore infecté! je lance une analyse!

Thanos · le 27 janvier 2006

-TéléchargeEasyCleaner de Toni Helenius(installe le dans son dossier)

-Télécharge Zebrestore,met le dans un dossier:

http://telechargement.zebulon.fr/233-zeb-restore.html

-Télécharge la version d'essai d'Ewido=>ici :

et l'installer (important: pendant l'installation, sur la page "Additional Options"

décocher les deux options "Install background guard" et "Install scan via context

menu")Met le à jour.

-Redémarre le PC, impérativement en mode sans échec,(n'ayant pas accès à Internet, tu as préalablement copié ces instructions dans un fichier texte)

en cas de problème pour sélectionner le mode sans échec, appliquer la procédure de Symantec "Comment démarrer l'ordinateur en mode sans échec" http://service1.symantec.com/support/inter...020905112131924

Assure toi d'avoir accès à tous les fichiers.

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :

Activer la case : Afficher les fichiers et dossiers cachés

Désactiver la case : Masquer les extensions des fichiers dont le type est connu

Désactiver la case : Masquer les fichiers protégés du système d'exploitation

Puis Appliquer

Démarre Hijackthis"Do a system scan only", et coche les lignes suivantes :

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://static.vpptechnologies.com/playfuls...results.html?s=

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://static.vpptechnologies.com/playfuls...results.html?s=

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://static.vpptechnologies.com/playfuls...results.html?s=

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://static.vpptechnologies.com/playfuls...results.html?s=

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file)

O1 - Hosts: 216.40.230.4 desktop.kazaa.com

O1 - Hosts: 216.40.230.4 alpha.kazaa.com

O1 - Hosts: 216.40.230.4 shop.kazaa.com

O2 - BHO: (no name) - {7559B76E-0222-4d77-9499-CCE9EB4EDC2F} - (no file)

O3 - Toolbar: (no name) - {8B224779-3B0E-4FEA-8AE1-B66C20DD840F} - (no file)

O3 - Toolbar: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file)

O9 - Extra button: (no name) - {44EFB53C-C965-43CF-9F45-52242D134187} - (no file)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O15 - Trusted Zone: *.musicmatch.com

O15 - Trusted Zone: *.musicmatch.com (HKLM)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -

http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O18 - Protocol: bw+0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {85946FE8-67BB-4F48-AD84-15DDB7084ACD} - C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

-Ferme tous les programmes et clique sur "Fix Checked"

-Lance zebrestore et coche les cases "Sites de confiance et sensibles" et "Fichier Hosts"

puis clique sur "Restaure".

-Lances Ewido et cliquer sur scanner puis sur scan complet du système.

Si des fichiers infectés sont trouvés, garder l'option par défaut Supprimer (avec la ligne "Créer des copies de sauvegarde cryptées dans la quarantaine" cochée).

A la fin du scan, Sauver le rapport (Fichier/Enregistrer sous...)

-Exécute EasyCleaner Registre et Inutiles.Ne pas toucher à la fonction doublons. Supprime tout ce qu'il te propose.

-Redémarre normalement et poste un nouveau rapport Hijackthis(en mode normal) pour vérification,ainsi que le rapport d'Ewido.

minikisskool · le 27 janvier 2006

!!! !!!

Opération en cours...

wow ! :-P

C'est plus un Pc que j'ai, c'est un germinoire à merdouille...

:-(

minikisskool · le 27 janvier 2006

Et voilà, j'ai fini de m'esquinter les yeux !

voilà le rapport final de Hijackthis (il est moins long !!!) :

Logfile of HijackThis v1.99.1

Scan saved at 18:14:13, on 27/01/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\drivers\CDAC11BA.EXE

C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe

C:\Outils Virus\ewido anti-malware\ewidoctrl.exe

C:\WINDOWS\System32\GEARSec.exe

C:\Program Files\OutSys\Norton Ghost\Agent\PQV2iSvc.exe

C:\Program Files\OutInt\Kerio\Personal Firewall\persfw.exe

C:\Program Files\OutJeux\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\SAgent4.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE

C:\Program Files\Logitech\INKSE\iTouch\iTouch.exe

C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Logitech\INKSE\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\OutAntVir\AVPro\avpm.exe

C:\Program Files\OutImag\CASIO\Photo Loader\Plauto.exe

C:\WINDOWS\system32\wuauclt.exe