Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Déjà une semaine que j'attends de l'aide,soeur Anne

Gabin francis

Par Gabin francis
dans Analyses et éradication malwares

 Partager

Messages recommandés

Gabin francis Member

Gabin francis

Posté(e)
Posté(e)

Bonsoir et merci d'avance à celui qui voudra bien m'aider à virer les choses qui sont de trop dans ce rapport

et surtout me dire comment les virer.

 

03:35 15/07/2006

 

Logfile of HijackThis v1.99.1

Scan saved at 03:35:28, on 15/07/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\cisvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe

C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe

C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe

C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\system32\taskmgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Microsoft Office\Office10\WINWORD.EXE

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://telechargement.zebulon.fr/233-zeb-restore.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"

O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - http://selfcare.cegetel.net/templates/stat...FAutoConfig.ocx

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1107271248140

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

O17 - HKLM\System\CCS\Services\Tcpip\..\{52DD1178-C4BF-45EF-9608-7B64EEFFCA18}: NameServer = 86.64.145.143 84.103.237.143

O18 - Protocol: bw+0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\notepad.dll

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe

O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

Malekal_morte Godlike Member

Malekal_morte

Posté(e)
Posté(e)

Bonjour,

 

Fais ceci s'il te plait :

Menu Démarrer / executer et tape msconfig

Dans l'onglet général, assure toi que démarrage normal est coché, sinon coche le

Clic sur OK

Redémarre l'ordinateur

Génére un nouveau rapport HijackThis et copie/colle le contenu ici.

Gabin francis Member

Gabin francis

Posté(e)
  • Auteur
Posté(e)

Bonjour,

 

Fais ceci s'il te plait :

Menu Démarrer / executer et tape msconfig

Dans l'onglet général, assure toi que démarrage normal est coché, sinon coche le

Clic sur OK

Redémarre l'ordinateur

Génére un nouveau rapport HijackThis et copie/colle le contenu ici.

Bonjour et merci de t'occuper de moi.

En fait voilà seulement que je sais comment lire mes messages.

J'espère qu'avec ce nouveau rapport tu va pouvoir m'aider encore merci. :P

03:56 16/07/2006

 

Scan saved at 03:54:34, on 16/07/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: InterLogfile of HijackThis v1.99.1

net Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\cisvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe

C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe

C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE

C:\WINDOWS\Explorer.EXE

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.zebulon.fr/index.php?act=Sear...s&lastdate=

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"

O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - http://www.lizardtech.com/download/files/w...ntrol_en_US.cab

O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - http://selfcare.cegetel.net/templates/stat...FAutoConfig.ocx

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1107271248140

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} -

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

O18 - Protocol: bw+0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\notepad.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe

O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

Malekal_morte Godlike Member

Malekal_morte

Posté(e)
Posté(e)

Voici la manipulation à effectuer en entier

Si certains éléments ne sont pas trouvés, merci de le signaler mais de poursuivre les manipulations jusqu'au bout.

 

 

Sur HijackThis, refais un scan et coches les lignes suivantes :

 

O20 - AppInit_DLLs: C:\WINDOWS\system32\notepad.dll

 

---> puis clic sur le bouton "Fix Checked"

n'hésite pas à consulter l'aide HijackThis

 

- Télécharge et installe ewido

- Mets le à jour à partir du menu update en haut, n'hésite pas à consulter l'Aide ewido pour tout problème.

- Télécharge clean.zip, décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

 

-- Redémarre en mode en mode sans échec, si tu sais pas comment on fait lis ceci

-- Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laisse la ouverte.

 

 

- Ouvre ewido et clic sur l'onglet Scanner en haut

- Démarre ewido et clique "Complete System Scan"

** Si un fichier est infecté, choisis l'option " Apply All Actions " en fin d'analyse **

Clique sur " Save Report " puis sur " Save Report As "

Enregistre ce fichier texte sur ton bureau.

N'hésite pas à consulter l'Aide ewido pour tout problème.

 

 

-- Redémarre en mode normal : Menu Démarrer / Arreter / Redémarre l'ordinateur

Attention : dans le cas où l'ordinateur redémarre en boucle en mode sans échec, faire la manipulation inverse en décochant l'option /SAFEBOOT à l'aide de msconfig : voir à nouveau cette page : cliquez-ici

 

-- Fais un scan en ligne avec Internet Explorer : Scan Kaspersky et colle le rapport ici. Si tu es perdu, tu peux suivre cette aide pour les scans en ligne

-- Copie/Colle ici les rapports :

- ewido

- le rapport clean : Poste de travail / double clic sur disque C / double-clic sur rapport_clean.txt et copier/coller le contenu ici C:\rapport_clean.txt

- ainsi qu'un nouveau log HijackThis

Gabin francis Member

Gabin francis

Posté(e)
  • Auteur
Posté(e)

Voici la manipulation à effectuer en entier

Si certains éléments ne sont pas trouvés, merci de le signaler mais de poursuivre les manipulations jusqu'au bout.

 

- Télécharge et installe ewido

- Mets le à jour à partir du menu update en haut, n'hésite pas à consulter l'Aide ewido pour tout problème.

 

bonjour 'Malekal_morte' .

Je ne sais pas comment faire, impossible de Télécharger ewido,je clic sur le lien,une page blanche s'ouvre et puis plus rien,quand je veux fermer la page impossible,je suis obligé d'aller dans le gestionnaire des tâches et faire fin de tâche à ce moment là tout inernet explorer s'arrête.

Donc je ne sais pas si je dois continuer ta procedure ou non ? :P:P

Gabin francis Member

Gabin francis

Posté(e)
  • Auteur
Posté(e)

Tu peux le télécharger depuis une machine tiers et le transférer par clef usb ?

Non je ne connais personne qui peux me le télécharger. Merci quand même de m'avoir aidé.

Gabin francis Member

Gabin francis

Posté(e)
  • Auteur
Posté(e)

Tu peux le télécharger depuis une machine tiers et le transférer par clef usb ?

Réponse:Non je ne connais personne qui peux me le télécharger. Merci quand même de m'avoir aidé.

Ca y est j'ai réussi à le téléchargé ! En fait "grizor" était inscrit dans mes sites sensibles et je l'ai supprimé, je ne sais pas comment il s'est retrouvé là dedans mais je suis fière de l'avoir déniché.Je vais enfin pouvoir poursuivre ton mode opératoire et te soumettre mes rapports. à bientôt 'Malekal_morte' :P

Gabin francis Member

Gabin francis

Posté(e)
  • Auteur
Posté(e)

-- Fais un scan en ligne avec Internet Explorer : Scan Kaspersky et colle le rapport ici. Si tu es perdu, tu peux suivre cette aide pour les scans en ligne

-- Copie/Colle ici les rapports :

- ewido

- le rapport clean : Poste de travail / double clic sur disque C / double-clic sur rapport_clean.txt et copier/coller le contenu ici C:\rapport_clean.txt

- ainsi qu'un nouveau log HijackThis

_______________________________________________________________________

Bonjour"Malekal morte"Comme promis voici mes rapports,merci d'avance pour le temps que tu va passer pour moi.gabin francis amicalement.

-----------------------------------------------------------------------

RAPPORT: KASPERSKY

06:12 22/07/2006

 

KASPERSKY ONLINE SCANNER REPORT

Saturday, July 22, 2006 6:08:49 AM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.83.0

Kaspersky Anti-Virus database last update: 22/07/2006

Kaspersky Anti-Virus database records: 196548

 

Scan Settings

Scan using the following antivirus database standard

Scan Archives true

Scan Mail Bases true

 

Scan Target My Computer

A:\

C:\

D:\

E:\

F:\

 

Scan Statistics

Total number of scanned objects 61190

Number of viruses found 6

Number of infected objects 6 / 0

Number of suspicious objects 0

Duration of the scan process 01:47:26

 

Infected Object Name Virus Name Last Action

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

 

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

 

C:\Documents and Settings\GUY\Application Data\Microsoft\Templates\Normal.dot Object is locked skipped

 

C:\Documents and Settings\GUY\Cookies\index.dat Object is locked skipped

 

C:\Documents and Settings\GUY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\GUY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\GUY\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\GUY\Local Settings\Historique\History.IE5\MSHist012006072220060723\index.dat Object is locked skipped

 

C:\Documents and Settings\GUY\Local Settings\Temp\~DF3818.tmp Object is locked skipped

 

C:\Documents and Settings\GUY\Local Settings\Temp\~DF4630.tmp Object is locked skipped

 

C:\Documents and Settings\GUY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\GUY\ntuser.dat Object is locked skipped

 

C:\Documents and Settings\GUY\ntuser.dat.LOG Object is locked skipped

 

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

 

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

 

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

 

C:\Program Files\Trend Micro\PC-cillin 2002\QUARANTINE\1.tmp Infected: Trojan-Downloader.Win32.PurityScan.cq skipped

 

C:\Program Files\Trend Micro\PC-cillin 2002\QUARANTINE\2.tmp Infected: Trojan-Clicker.Win32.VB.fc skipped

 

C:\Program Files\Trend Micro\PC-cillin 2002\QUARANTINE\3.tmp Infected: Trojan-Downloader.Win32.VB.afv skipped

 

C:\Program Files\Trend Micro\PC-cillin 2002\QUARANTINE\53.tmp Infected: Trojan-Downloader.Win32.PurityScan.co skipped

 

C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped

 

C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped

 

C:\System Volume Information\catalog.wci\00010004.ci Object is locked skipped

 

C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped

 

C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped

 

C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped

 

C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped

 

C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped

 

C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped

 

C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped

 

C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped

 

C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped

 

C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped

 

C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped

 

C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped

 

C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped

 

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

 

C:\System Volume Information\_restore{89F51439-177C-45AF-B152-A9B89BE0D3FA}\RP1\change.log Object is locked skipped

 

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

 

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

 

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

 

C:\WINDOWS\Sti_Trace.log Object is locked skipped

 

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

 

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

 

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\default Object is locked skipped

 

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SAM Object is locked skipped

 

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

 

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\software Object is locked skipped

 

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\system Object is locked skipped

 

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

 

C:\WINDOWS\system32\h323log.txt Object is locked skipped

 

C:\WINDOWS\system32\hp100.tmp Infected: Trojan-Downloader.Win32.Zlob.vn skipped

 

C:\WINDOWS\system32\simpole.tlb Infected: Trojan-Downloader.Win32.Zlob.vw skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

 

C:\WINDOWS\wiadebug.log Object is locked skipped

 

C:\WINDOWS\wiaservc.log Object is locked skipped

 

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

 

F:\Désinfection de virus et dépannages\Procédure à suivre de malekal morte.doc Object is locked skipped

 

Scan process completed.

__________________________________________________________

 

RAPPORT: ewido

 

02:57 22/07/2006

---------------------------------------------------------

ewido anti-spyware - Scan Report

---------------------------------------------------------

+ Created at: 02:57:31 22/07/2006

 

+ Scan result:

 

C:\WINDOWS\system32\Uninstallsss.exe -> Adware.GAINNetwork : Cleaned with backup (quarantined).

C:\WINDOWS\system32\ktr8l79u1.dll -> Adware.Look2Me : Cleaned with backup (quarantined).

C:\Documents and Settings\GUY\Local Settings\Temp\temp.fr4EA1 -> Adware.PurityScan : Cleaned with backup (quarantined).

C:\WINDOWS\system32\pzlj.dll -> Adware.PurityScan : Cleaned with backup (quarantined).

C:\WINDOWS\Міcrosoft\eхplorer.exe -> Adware.PurityScan : Cleaned with backup (quarantined).

C:\Downloads\InsaniquariumDeluxeSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).

C:\Documents and Settings\JIMMY\Cookies\jimmy@install.bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned.

C:\Documents and Settings\GUY\Cookies\guyot@estat[1].txt -> TrackingCookie.Estat : Cleaned.

C:\Documents and Settings\GUY\Cookies\guyot@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.

C:\Documents and Settings\JIMMY\Cookies\jimmy@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.

C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).

::Report end

_______________________________________________________________

 

RAPPORT clean:

06:21 22/07/2006

 

Script clean par Malekal_morte - http://www.malekal.com

 

*** SUPPRESSION DES FICHIERS

 

*** Suppressions de trojans/vers sur...

C:\Trelew.exe FOUND

C:\WINDOWS\keyboard*.dat FOUND

C:\WINDOWS\smdat32m.sys FOUND

C:\WINDOWS\unvise32qt.exe FOUND

C:\WINDOWS\system32\divxsm.exe FOUND

C:\WINDOWS\system32\notepad.dll FOUND

Impossible de supprimer C:\WINDOWS\system32\notepad.dll

C:\WINDOWS\system32\ot.ico FOUND

 

*** Suppressions des adware connus...

C:\WINDOWS\system32\wintsvtr.exe FOUND

C:\WINDOWS\system32\notepad.dll FOUND

Impossible de supprimer C:\WINDOWS\system32\notepad.dll

_________________________________________________________

 

RAPPORT:HijackThis

06:17 22/07/2006

 

Logfile of HijackThis v1.99.1

Scan saved at 06:17:16, on 22/07/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\cisvc.exe

C:\Program Files\ewido anti-spyware 4.0\guard.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe

C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe

C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\Microsoft Office\Office10\WINWORD.EXE

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zebulon.fr/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"

O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - http://www.lizardtech.com/download/files/w...ntrol_en_US.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} - http://selfcare.cegetel.net/templates/stat...FAutoConfig.ocx

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1107271248140

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} -

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

O17 - HKLM\System\CCS\Services\Tcpip\..\{52DD1178-C4BF-45EF-9608-7B64EEFFCA18}: NameServer = 84.103.237.143 86.64.145.143

O18 - Protocol: bw+0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {8120412A-7959-4F86-A08D-E43DE61519BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe

O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe

O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

Malekal_morte Godlike Member

Malekal_morte

Posté(e)
Posté(e)

-- Télécharge SmitfraudFix

-- Fais un clic droit puis Extraire tout sur le fichier SmitfraudFix.zip, cela va tout décompresser dans un nouveau dossier SmitFraudfix

-- Ouvre le dossier SmitfraudFix double clic sur SmitfraudFix.cmd (ne

clique sur aucun autre fichier!!!)

-- Choisis l'option 1 et appuie sur Entrée

-- Réponds o (Oui) aux deux questions suivantes si elles sont posées

-- Un rapport sera généré sauvegarde le dans un dossier

-- Copie/colle le contenu du rapport ici

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...