RESOLU / Eradication malwares

[bruce lee]

re,

 

peux tu refaire en faisant comme recherche newdotnet et tu poste le resultat.

[bruce lee]

re,

 

pour new.net j'ai carrement zappé l'utilitaire telecharge le ici http://www.new.net/support/uninstall6_38.exe et execute le ensuite

 

ensuite:

 

1/demarrer/panneau de configuration/ajouts et suppresions de programmes et verifie la presence de:

 

ucmore

beginto

powerstrip

 

si ces programmes sont presents desinstallent les.

 

2/ relance reg search en faisant comme recherche:

 

ucmore

 

et poste le resultat.

 

@+

Modifié le 18 mai 2006 par bruce lee

[pierreforestier]

re,

 

peux tu refaire en faisant comme recherche newdotnet et tu poste le resultat.

 

 

-------------

REGEDIT4

 

; Registry Search 2.0 by Bobbi Flekman © 2005

; Version: 2.0.1.0

 

; Results at 18/05/2006 21:06:27 for strings:

; 'newdotnet'

; Strings excluded from search:

; (None)

; Search in:

; Registry Keys Registry Values Registry Data

; HKEY_LOCAL_MACHINE HKEY_USERS

 

 

; End Of The Log...

--------------

REGEDIT4

 

; Registry Search 2.0 by Bobbi Flekman © 2005

; Version: 2.0.1.0

 

; Results at 18/05/2006 21:07:44 for strings:

; 'newdot.net'

; Strings excluded from search:

; (None)

; Search in:

; Registry Keys Registry Values Registry Data

; HKEY_LOCAL_MACHINE HKEY_USERS

 

 

; End Of The Log...

----------

 

 

 

Merci de ta patience!!!!

[bruce lee]

re,

 

juste au dessus de ton post j'ai marqué une nouvelle reponse.

[pierreforestier]

re,

 

juste au dessus de ton post j'ai marqué une nouvelle reponse.

 

 

 

---------------

REGEDIT4

 

; Registry Search 2.0 by Bobbi Flekman © 2005

; Version: 2.0.1.0

 

; Results at 18/05/2006 21:20:18 for strings:

; 'ucmore'

; Strings excluded from search:

; (None)

; Search in:

; Registry Keys Registry Values Registry Data

; HKEY_LOCAL_MACHINE HKEY_USERS

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\UCmore - The Search Accelerator]

 

[HKEY_USERS\S-1-5-21-1078081533-1767777339-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\UCmore - The Search Accelerator]

 

; End Of The Log...

----------------

 

 

Je dois m'absenter. Je regarderai ta réponse demain.

Très bonne soirée et merci

Pierre

[bruce lee]

re,

 

1/demarre en mode sans echec

 

2/ avant tout faire une sauvegarde du registre:

 

demarrer\executer\ regedit

 

tu cliques sur fichier puis exporter, tu donnes un nom simple(pour t'en rappeler) et tu enregistres ca aussi dans un endroit facil d'acces.

 

3/ rend toi dans le registre demarrer\executer\ regedit

 

4/ rend toi ici:

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache

 

ouvre ARPCache et supprime ceci UCmore - The Search Accelerator et surtout rien d'autres!

 

 

5/ rend toi cette fois ci ici:

 

HKEY_USERS\S-1-5-21-1078081533-1767777339-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs

 

ouvre Programs et supprime ceci UCmore - The Search Accelerator et surtout rien d'autres!

 

 

6/ redemarre en mode normal

 

7/ reutilise reg search en faisant la meme recherche ucmore et poste le rapport apres avoir

 

fait cela tu relances reg search et tu mets comme recherche beginto et tu postes le rapport aussi

 

@+

[pierreforestier]

re,

 

1/demarre en mode sans echec

 

2/ avant tout faire une sauvegarde du registre:

 

demarrer\executer\ regedit

 

tu cliques sur fichier puis exporter, tu donnes un nom simple(pour t'en rappeler) et tu enregistres ca aussi dans un endroit facil d'acces.

 

3/ rend toi dans le registre demarrer\executer\ regedit

 

4/ rend toi ici:

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache

 

ouvre ARPCache et supprime ceci UCmore - The Search Accelerator et surtout rien d'autres!

5/ rend toi cette fois ci ici:

 

HKEY_USERS\S-1-5-21-1078081533-1767777339-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs

 

ouvre Programs et supprime ceci UCmore - The Search Accelerator et surtout rien d'autres!

6/ redemarre en mode normal

 

7/ reutilise reg search en faisant la meme recherche ucmore et poste le rapport apres avoir

 

fait cela tu relances reg search et tu mets comme recherche beginto et tu postes le rapport aussi

 

@+

 

 

 

Bonjour!

Voici les derniers rapports demandés:

 

-------------

REGEDIT4

 

; Registry Search 2.0 by Bobbi Flekman © 2005

; Version: 2.0.1.0

 

; Results at 19/05/2006 10:23:42 for strings:

; 'ucmore'

; Strings excluded from search:

; (None)

; Search in:

; Registry Keys Registry Values Registry Data

; HKEY_LOCAL_MACHINE HKEY_USERS

 

 

; End Of The Log...

-----------

 

REGEDIT4

 

; Registry Search 2.0 by Bobbi Flekman © 2005

; Version: 2.0.1.0

 

; Results at 19/05/2006 10:25:47 for strings:

; 'beginto'

; Strings excluded from search:

; (None)

; Search in:

; Registry Keys Registry Values Registry Data

; HKEY_LOCAL_MACHINE HKEY_USERS

 

 

; End Of The Log...

------------------

 

J'ai encore 2 sites qui s'ouvrent: un de casino flctee1_fr et zebazar.com.

 

Merci,

Pierre

[micmac74]

bnjour je vient de faire une analyse et en voici le rapport que dois je faire

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 10:53:52, on 19/05/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\Explorer.EXE

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\system32\cisvc.exe

D:\WINDOWS\system32\nvsvc32.exe

D:\WINDOWS\System32\snmp.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\BroadJump\Client Foundation\CFD.exe

D:\WINDOWS\system32\LVCOMSX.EXE

D:\WINDOWS\htpatch.exe

D:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe

D:\Program Files\Logitech\Video\LogiTray.exe

D:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

D:\Program Files\Logitech\Video\FxSvr2.exe

D:\DOCUME~1\mike\LOCALS~1\Temp\Répertoire temporaire 3 pour hijackthis.zip\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [bJCFD] D:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [HTpatch] D:\WINDOWS\htpatch.exe

O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] D:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab

O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA497} - https://activation.club-internet.fr/wizlet/...ntrols/root.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145809283984

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1146819454125

O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc4.webresponse.one.microsoft.com/...p/TLIEFlash.CAB

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{5F036DF9-3597-4594-ABC0-C9E7ACDE7CEF}: NameServer = 194.117.200.10,194.117.200.15

O18 - Protocol: bw+0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {E7021C8C-9C48-4555-9DC8-A092A5A94E69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - D:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe

[bruce lee]

bonjour,

 

micmac74, crée toi un nouveau sujet.

 

pierreforestier, le nouveau rapport concernant beginto et ucmore montre qu'ils ne sont plus presents sur ton PC, beau travail

 

maintenant on va s'attaquer au dernier:

 

utilise reg search et tu mets en recherche powerstrip et tu postes le rapport

 

 

@+

[pierreforestier]

Bonjour!

Voici les derniers rapports demandés:

 

-------------

REGEDIT4

 

; Registry Search 2.0 by Bobbi Flekman © 2005

; Version: 2.0.1.0

 

; Results at 19/05/2006 10:23:42 for strings:

; 'ucmore'

; Strings excluded from search:

; (None)

; Search in:

; Registry Keys Registry Values Registry Data

; HKEY_LOCAL_MACHINE HKEY_USERS

; End Of The Log...

-----------

 

REGEDIT4

 

; Registry Search 2.0 by Bobbi Flekman © 2005

; Version: 2.0.1.0

 

; Results at 19/05/2006 10:25:47 for strings:

; 'beginto'

; Strings excluded from search:

; (None)

; Search in:

; Registry Keys Registry Values Registry Data

; HKEY_LOCAL_MACHINE HKEY_USERS

; End Of The Log...

------------------

 

J'ai encore plusieurs sites qui s'ouvrent dont un de casino flctee1_fr et zebazar.com.

 

Merci,

Pierre