Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

pc rame

tekila39

Par tekila39
dans Analyses et éradication malwares

 Partager

Messages recommandés

tekila39 Mega Power Member

tekila39

Posté(e)
Posté(e)

bonjours a tous le monde voici mes 2 rapports qui sons longs et tres dur a déchiffrer si vous pouver m'aider ce serait genial merci a tous

 

 

 

 

 

Report file date: dimanche 9 juillet 2006 16:57

 

 

Jobname: 'Manual Selection'

 

Scanning for 284303 virus strains and unwanted programs.

 

Licensed to: AntiVir PersonalEdition Classic

Serialnumber: 0000149996-WURGE-0001

Platform: Windows XP

Windowsversion: (Service Pack 2) [5.1.2600]

Username:

Computername:

 

Versioninformations:

AVSCAN.EXE : 7.0.0.19 524328 23/01/2006 14:35:48

AVSCAN.DLL : 7.0.0.19 42536 23/01/2006 14:35:48

LUKE.DLL : 7.0.0.19 114728 23/01/2006 14:35:48

LUKERES.DLL : 7.0.0.19 27688 23/01/2006 14:35:48

ANTIVIR0.VDF : 6.32.0.60 4323840 06/12/2005 09:47:34

ANTIVIR1.VDF : 6.33.0.97 675328 18/01/2006 13:31:52

ANTIVIR2.VDF : 6.33.0.131 122880 18/01/2006 13:31:52

ANTIVIR3.VDF : 6.33.0.139 28160 18/01/2006 13:31:52

AVEWIN32.DLL : 6.33.0.30 1016320 20/01/2006 10:42:50

AVPREF.DLL : 6.34.0.0 38440 18/01/2006 11:06:02

AVREP.DLL : 6.33.0.106 2301992 10/01/2006 09:10:46

AVPACK32.DLL : 6.33.0.6 331816 09/01/2006 08:03:38

AVREG.DLL : 6.31.0.90 27688 28/07/2005 09:06:36

NETNT.DLL : 6.32.0.0 6696 27/09/2005 06:56:50

NETNW.DLL : 6.32.0.0 9768 27/09/2005 06:56:50

 

 

Start of the scan: dimanche 9 juillet 2006 16:57

 

 

Start scanning boot sectors:

 

Boot sector 'C:'

[NOTE] No virus was found!

 

Starting to scan the registry.

 

The registry was scanned ( 46 files ).

 

 

Starting the file scan:

 

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Bureau\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Bureau\mini-moto\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Bureau\mini-moto\www.ae-mini-moto.com\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Local Settings\Application Data\Microsoft\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Local Settings\Application Data\Microsoft\Messenger\tekila39@free.fr\Sharing Folders\xeigen@free.fr\manon glace\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Local Settings\Temp\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\hack\MDCrack-NG.exe

[0] Archivetype: ZIP SFX (self extracting)

--> bin/MDCrack-NG.exe

[DETECTION] Contains signature of the SPR/PSW.MDCrack program

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\sauvegarde ftp complet\ban\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\sauvegarde ftp complet\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\blok modules\horoscope\Horoscopev1.1\horo\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\blok modules\horoscope\Horoscopev1.1\horo\images\Pack Bleu\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\imagess\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\imagess\ava\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\imagess\banières\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\imagess\boutons\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\imagess\folder cs\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\imagess\gifs pour site web\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\imagess\IMAGES\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\imagess\smiley\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\imagess\smiley\smiley2\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\JEUX FLASH\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\nk\nk\nk\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\nk\nk\nk\images\flags\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\nk\nk\nk\images\games\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\nk\nk\nk\images\icones\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\nk\nk\nk\images\puces\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\nk\themes nk\sky1\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\team\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\Sites internet persos\Site Virginie\video\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes fichiers reçus\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\AUTRE\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\cs\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\css\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\logo\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\Mes fichiers reçus\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\Mes photos Logitech\Photos et vidéos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\Nouveau dossier\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\11-06-2006\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\12960302\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\13060312\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\13260318\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\13360326\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\14560603\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\1er gateau manon\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\2003-01 (janv.)\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\2004-12 (déc.)\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\2005-01 (janv.)\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\2005-02 (févr.)\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\2005-03 (mars)\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\accident\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\anni manon 1 an\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\bob\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\cirque\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\david\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\GRIMACES MANON\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\hjjkhjk\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\kadski\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\lan\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\manon glace\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\motorola v3\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\NARBONNE\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\NOEL\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\noel 2004-2\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\Nouveau dossier\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\nouvel an 20052006\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\novembre 2004\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\novembre 2005\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\nyon\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\peche\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\POLIGNY\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\pontarlier\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\spect(acle gym\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\tel\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes images\photos\VALERIE\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes vidéos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes vidéos\14\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes vidéos\film a copier\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\Mes vidéos\k7\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Mes documents\PNG\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\jimmy virginie\Recent\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Mes Sites Web\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Activision\Shrek 2\Help\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\eMule\Incoming\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\eMule\webserver\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Free.fr\Dialer\Dialer.exe

[DETECTION] Contains signature of the dial-up program DIAL/Generic

C:\Program Files\Images Webscan\Images\www.motoflash.it\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Plasmatek Software\ProtectX\protectx.exe

[DETECTION] Contains suspicious code HEURISTIC/Backdoor.VB6

C:\Program Files\Valve\Steam\SteamApps\tekila39400\counter-strike source\cstrike\screenshots\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Visicom Media\FTP Expert 3\pub\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Xfire\downloads\goodgame_eswc_2005_us.rar

[0] Archivetype: RAR

--> goodgame_eswc_2005(us)\src\83456.ico

[DETECTION] Is the Trojan horse TR/Flood.VB.DN.1

--> goodgame_eswc_2005(us)\src\menu\.ico

[DETECTION] Is the Trojan horse TR/Flood.VB.DN.1

C:\tmp\bin\MDCrack-NG.exe

[DETECTION] Contains signature of the SPR/PSW.MDCrack program

C:\tmp\reports\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\$NtServicePackUninstall$\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\BricoPacks\Vista Inspirat\Icons\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\Crystallized\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\LaST (ObjectDock)\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\Longhorn PNG\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\Running Indicators\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\system32\cp.exe

[DETECTION] Is the Trojan horse TR/Drop.Agent.IC

C:\WINDOWS\system32\config\default

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system.LOG

[WARNING] The file could not be opened!

 

 

End of the scan: dimanche 9 juillet 2006 19:19

Used time: 2:21:23 min

 

The scan has been done completely.

 

7153 Scanning directories

238661 Files were scanned

7 viruses and/or unwanted programs was found

5 files were deleted

0 files were repaired

1 files were moved to quarantine

0 files were renamed

1928 Archives were scanned

242 Warnings

1 Notes

 

 

 

 

et hijackthis

 

 

Logfile of HijackThis v1.99.1

Scan saved at 19:28:06, on 09/07/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\WINDOWS\Mixer.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\program files\valve\steam\steam.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

C:\Documents and Settings\jimmy virginie\Mes documents\DIVERS\protection\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.free.fr/search/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

F3 - REG:win.ini: run=

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [WinLiveUpdate] C:\Program Files\Fichiers communs\Microsoft Shared\DAO\svchost.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Pando] C:\Program Files\Pando Networks\Pando\Pando.exe /Automation

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe

O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe

O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent

O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe

O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Register.lnk = C:\Program Files\ZZZ Technologies\SWF2FLA Flash Decompiler\RegReminder.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Save Flash - res://C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210

O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)

O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} - http://www.errorguard.com/installation/Install.cab

O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.virustraq.com/img/scan_virus/webscan.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/pla...5/Installer.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{FA969706-0CFF-411C-A403-2400AA32DD68}: NameServer = 212.27.54.252,212.27.39.135

O18 - Protocol: bw+0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

 

 

 

merci de votre aide car la je pige rien.

centaure Power Member

centaure

Posté(e)
Posté(e) (modifié)

BAJOUR !!!

 

un tit coup de torchon pour commencé :P

 

suprime ca:

 

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} - 000] http://www.errorguard.com/installation/Install.cab

 

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

 

O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/pla...5/Installer.exe

 

ensuite dans ton registre y as une colonie de clé identiques

O18 - Protocol: bwy0s - {3958897E-0D06-48E7-B590-38260B62E2B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

 

Ensuite nettoie le registre avec RegSeeker. Le tutoriel est ici

 

:P

Modifié par centaure
horus agressor Godlike Member

horus agressor

Posté(e)
Posté(e) (modifié)

Bonjour,

O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
:P

 

Bref, tu as énormément de log au démarrage : Maîtrisez le démarrage de votre PC

http://www.zebulon.fr/articles/msconfig.php , c'est déjà un bon début.

 

Puis tu pourrais appliquer > Pré-Nettoyage d'un PC infecté, procédure pré-HijackThis http://forum.zebulon.fr/index.php?showtopic=83986 , ce qui ne signifie pas que ton PC est infecté, mais cela permettra à un spécialiste de faire le point sur ce que ton C:\ à, ou n'a pas, dans le ventre :P

 

Amicalement.

Modifié par horus agressor
tekila39 Mega Power Member

tekila39

Posté(e)
  • Auteur
Posté(e) (modifié)

merci pour votre aide a tous le monde je m'occupe de tous ca.je pense que je n'ai pas besoin de poster un autre hijackthis .j'ai suivila procedure de netoyage.

 

merci encore.

Modifié par tekila39

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...