analyse hikackthis SVP

analyse hikackthis SVP - Sécurité - Windows & Software

Marsh Posté le 01-06-2005 à 18:44:53    

j'ai pas mal de spyware sur mon PC dont une search toolbar avec mon internet exporer ...si vous pouviez m'aider..svp  
 
voici mon rapport highjackthis:
 
Logfile of HijackThis v1.99.1
Scan saved at 18:40:51, on 01/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
 
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\sstray.exe
F:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe
F:\WINDOWS\System32\RUNDLL32.EXE
F:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
F:\Program Files\QuickTime\qttask.exe
F:\Program Files 2\Messenger Plus! 3\MsgPlus.exe
F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
F:\WINDOWS\System32\TCAUDIAG.exe
F:\Program Files\Microsoft AntiSpyware\gcasServ.exe
F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
F:\Program Files\Logitech\SetPoint\KEM.exe
F:\Program Files\WinZip\WZQKPICK.EXE
F:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
F:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
f:\progra~1\intern~1\iexplore.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\Program Files\ewido\security suite\ewidoguard.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\Alwil Software\Avast4\setup\avast.setup
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\Program Files\Soulseek\slsk.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\Chez Wam\Bureau\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rglfkviuclmz.com/fUkZgZ [...] xP6PUO.cgi
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - F:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [eMusicClient] F:\Program Files\Winamp\eMusic\eMusicClient.exe
O4 - HKLM\..\Run: [FTP Server] F:\PROGRA~1\FTPSER~1\ftpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [OCAudioIni] F:\Program Files\One-click Audio Converter\OCAudioIni.exe
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Desktop Tool 3] "F:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Nero DriveSpeed] F:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "F:\Program Files 2\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series (Copie 1)] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (Copie 1)" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [drv meal copy team] F:\Documents and Settings\All Users\Application Data\PEAK BARB DRV MEAL\Bluesetup.exe
O4 - HKLM\..\Run: [gcasServ] "F:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Internet frag] F:\DOCUME~1\CHEZWA~1\APPLIC~1\DVDSOF~1\fast once.exe
O4 - HKCU\..\Run: [LDM] F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = F:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZoneAlarm Pro.lnk = F:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b30149.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/172a02 [...] 601_fr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b28578.cab
O18 - Protocol: bw+0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - F:\WINDOWS\system32\ZoneLabs\vsmon.exe
 

Reply

Marsh Posté le 01-06-2005 à 18:44:53   

Reply

Marsh Posté le 01-06-2005 à 19:16:17    

Bonsoir, je regarde ton rapport réponse dans un moment

Reply

Marsh Posté le 01-06-2005 à 19:24:21    

Re, télécharge et lance l'uninstall Lop.com:  
 
http://www.thespykiller.co.uk/downloads.htm
 
http://www.thespykiller.co.uk/files/lopremover.exe
 
Attention, il sera peut-être nécessaire de désactiver ton antivirus.
 
Désinstalle cette application: Messenger Plus3 via ajout suppression de programmes. Tu la réinstalleras par la suite en décochant les sponsors.
 
Installe Hijackthis correctement. Navigue jusqu'à C:\Program files et ouvre un nouveau dossier. Nomme le HJT par exemple, tu obtiendras le chemin suivant:
 
C:\HJT\Hijackthis.exe  
 
Poste un nouveau rapport.


Message édité par stonangel le 01-06-2005 à 19:25:30
Reply

Marsh Posté le 01-06-2005 à 19:49:01    

j'ai desinstallé Messenger Plus3 de ma liste de programme...
par contre je peux installer Messenger Plus3 je peux meme pas le telecharger!!  
jai ca quand je veux le telecharger:
http://arnaud.longueville.free.fr/Sans%20titre.bmp

Reply

Marsh Posté le 01-06-2005 à 19:50:22    

j'ai fait une erreur:c'est je peux PAS INSTALLER l'uninstall Lop.com
 
desole

Reply

Marsh Posté le 01-06-2005 à 20:18:06    

Mais non il n'y a pas d'erreur: c'est un faux positif d'Avast, ce qui amuse particulièrement ma gamine quand je vais sur le site! Soit Avast en insistant te laisse passer un dossier compressé et tu le lances, soit tu le désactives ou tu postes un nouveau rapport.

Reply

Marsh Posté le 01-06-2005 à 20:34:16    

j'ai installé le logiciel
je reinstallée HIGHJACKTHIS correctement...voila le nouveau rapport:
 
Logfile of HijackThis v1.99.1
Scan saved at 20:31:56, on 01/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
 
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\sstray.exe
F:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe
F:\WINDOWS\System32\RUNDLL32.EXE
F:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
F:\Program Files\QuickTime\qttask.exe
F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
F:\WINDOWS\System32\TCAUDIAG.exe
F:\Program Files\Microsoft AntiSpyware\gcasServ.exe
F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
F:\Program Files\Logitech\SetPoint\KEM.exe
F:\Program Files\WinZip\WZQKPICK.EXE
F:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
F:\Program Files\MSN Messenger\MsnMsgr.Exe
F:\Program Files\HJT\HijackThis-1.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jrdbiwniffz.com/fUkZgZd [...] CQf7E.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - F:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [eMusicClient] F:\Program Files\Winamp\eMusic\eMusicClient.exe
O4 - HKLM\..\Run: [FTP Server] F:\PROGRA~1\FTPSER~1\ftpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [OCAudioIni] F:\Program Files\One-click Audio Converter\OCAudioIni.exe
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Desktop Tool 3] "F:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Nero DriveSpeed] F:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series (Copie 1)] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (Copie 1)" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [gcasServ] "F:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [LDM] F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = F:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZoneAlarm Pro.lnk = F:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b30149.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/172a02 [...] 601_fr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b28578.cab
O18 - Protocol: bw+0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - F:\WINDOWS\system32\ZoneLabs\vsmon.exe
 

Reply

Marsh Posté le 01-06-2005 à 20:42:14    

Bonsoir, je regarde ton rapport réponse dans un moment.

Reply

Marsh Posté le 01-06-2005 à 21:01:02    

Re, télécharge et installe CleanUp
http://downloads.stevengould.org/cleanup/CleanUp40.exe
 
Démarre Hijackthis Do a system scan only, assure toi que la case Make Backups before fixing items est activée et coche les lignes suivantes:
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jrdbiwniffz.com/fUkZgZd [...] CQf7E.html
 
R3 - Default URLSearchHook is missing
 
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
 
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
 
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
 
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b30149.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/172a02 [...] 601_fr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b28578.cab
 
O18 - Protocol: bw+0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {63F680AA-8000-47D3-9E02-11164F154FE0} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
 
Ferme toutes les fenêtres, tous les programmes et clique sur Fix checked
 
Lance CleanUp
 
Redémarre et poste un nouveau rapport Hijackthis pour vérification.
 

Reply

Marsh Posté le 01-06-2005 à 21:25:29    

voila mmon nouveau rapport apres avoir lancer Clean Up :
 
Logfile of HijackThis v1.99.1
Scan saved at 21:23:41, on 01/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
 
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\sstray.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe
F:\WINDOWS\System32\RUNDLL32.EXE
F:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
F:\WINDOWS\System32\TCAUDIAG.exe
F:\Program Files\Microsoft AntiSpyware\gcasServ.exe
F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
F:\Program Files\Logitech\SetPoint\KEM.exe
F:\Program Files\WinZip\WZQKPICK.EXE
F:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
F:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
F:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\Program Files\MSN Messenger\MsnMsgr.Exe
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\WINDOWS\System32\wuauclt.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\HJT\HijackThis-1.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jrdbiwniffz.com/fUkZgZd [...] CQf7E.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - F:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [eMusicClient] F:\Program Files\Winamp\eMusic\eMusicClient.exe
O4 - HKLM\..\Run: [FTP Server] F:\PROGRA~1\FTPSER~1\ftpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OCAudioIni] F:\Program Files\One-click Audio Converter\OCAudioIni.exe
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Desktop Tool 3] "F:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Nero DriveSpeed] F:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series (Copie 1)] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (Copie 1)" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [gcasServ] "F:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [LDM] F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = F:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZoneAlarm Pro.lnk = F:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - F:\WINDOWS\system32\ZoneLabs\vsmon.exe
 

Reply

Marsh Posté le 01-06-2005 à 21:25:29   

Reply

Marsh Posté le 01-06-2005 à 21:38:07    

Re, c'est mieux reste cette page de redirection. Télécharge CWShredder  
 
http://www.intermute.com/spysubtra [...] nload.html
installe dans un répertoire dédié et mets à jour. Lance CWShredder puis Fix.
 
Démarre en mode sans échec (F5 ou F8)
 
Lance Hijackthis, scan et coche:
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jrdbiwniffz.com/fUkZgZd [...] CQf7E.html
 
Ferme toutes les fenêtres, tous les programmes puis Fix checked.

Démarre normalement et poste un nouveau rapport pour vérification.
 
 
 
 

Reply

Marsh Posté le 01-06-2005 à 22:12:32    

j'ai fai fix avec le logicel....
 
par contre quand je redemarre je peux pas le faire en mode sans echec!!F5 et F8 ne repondent pas..j'ai un clavier sans fil Logitech,pourtant ces 2 touches ne sont pas programmées comme raccourcis..

Reply

Marsh Posté le 01-06-2005 à 22:25:21    

Reply

Marsh Posté le 01-06-2005 à 22:29:50    

arno92240 a écrit :

j'ai fai fix avec le logicel....
 
par contre quand je redemarre je peux pas le faire en mode sans echec!!F5 et F8 ne repondent pas..j'ai un clavier sans fil Logitech,pourtant ces 2 touches ne sont pas programmées comme raccourcis..


 
C'est récent?  

Reply

Marsh Posté le 01-06-2005 à 22:36:02    

Reply

Marsh Posté le 01-06-2005 à 22:56:48    

pour mon clavie je t'avouerai que j'ai jamais redemarrer en mode sans echec,donc j'ai jamais pu verifier avant...
 
j'ai retiré la derniere ligne..
 
voila mon dernier rapport:
 
 
Logfile of HijackThis v1.99.1
Scan saved at 22:53:54, on 01/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
 
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\Program Files\ewido\security suite\ewidoguard.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\WINDOWS\System32\wuauclt.exe
F:\WINDOWS\System32\sstray.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe
F:\WINDOWS\System32\RUNDLL32.EXE
F:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
F:\WINDOWS\System32\TCAUDIAG.exe
F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
F:\Program Files\Logitech\SetPoint\KEM.exe
F:\Program Files\WinZip\WZQKPICK.EXE
F:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
F:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\HJT\HijackThis-1.exe
 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - F:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [eMusicClient] F:\Program Files\Winamp\eMusic\eMusicClient.exe
O4 - HKLM\..\Run: [FTP Server] F:\PROGRA~1\FTPSER~1\ftpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OCAudioIni] F:\Program Files\One-click Audio Converter\OCAudioIni.exe
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Desktop Tool 3] "F:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Nero DriveSpeed] F:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series (Copie 1)] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (Copie 1)" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech SetPoint.lnk = F:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZoneAlarm Pro.lnk = F:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - F:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
(j'ai remarké que lorsque j'ai redemarrée en mode normal,apres etre passé en mode sans echec,la ligne etait revenu..j'ai refait la manip que tu m'avais dit avec Fix...j'obtiens le rapport ci dessus)

Reply

Marsh Posté le 01-06-2005 à 23:02:46    

Super! Je regarde ton nouveau rapport réponse dans quelques instants.

Reply

Marsh Posté le 01-06-2005 à 23:08:41    

Re, ton rapport est propre. Si tu souhaites réinstaller Messenger Plus n'oublie pas de décocher les sponsors. Bonne fin de soirée et bon surf  :hello:

Reply

Marsh Posté le 01-06-2005 à 23:19:06    

MERCI BEAUCOUP!!!!! :)  
 
jsute un dernier petit truc...et je te laisse tranquille...pour mon clavier qui merde:c'est a dire que je peux pas passer en mode sans echec avec la touche F8...ta des solutions??

Reply

Marsh Posté le 01-06-2005 à 23:25:51    

Oui, si c'est très récent paramètre Hijackthis ainsi:
 
Scan> Config (dans le rectangle Other stuff)> Backups> Coche toutes les lignes 018 et clique sur restore.
 
Redémarre et dis ce qu'il en est.

Reply

Marsh Posté le 01-06-2005 à 23:44:07    

j'ai fait ce que tu ma dit mais quand je redemarre je peux toujours pas utiliser F8 pour le mode sans echec...
ca fait depuis 2/3 semaines que j'ai ca...de plus au demarage du PC,au debut du BIOS quand je dois appuyer sur ENTER pour selectionner Windows XP,ca marche pas,je dois attendre que le decompte de 30sec passe,je peux pas passer ce decompte en appuyant sur ENTER...j'ai souvenir que ca ai marche

Reply

Marsh Posté le 02-06-2005 à 18:34:27    

un dernier petit truc..quand j'ai installé l'uninstall Lop.com tu ma dit kil fallait desintallé Avast parce que j'avais eu un "faux positf de Avast" , maintenant qua j'ai remis Avast ,a chaque demarrage de windows , jai cette fausse alerte comme quoi j'ai un trojan...comme tu ma l'a dit,je sias que c'est un faux mais ya pas moyen de retirer cette fausse alerte a chaque demarage de windows?
   

Reply

Marsh Posté le 02-06-2005 à 18:40:57    

Bonsoir mets dans la corbeille l'unistall lop et vide la. Pas désinstaller, désactiver...


Message édité par stonangel le 02-06-2005 à 18:41:14
Reply

Marsh Posté le 02-06-2005 à 18:51:31    

ok!merci!
maintenant faut que je regle ce probleme de clavier ...

Reply

Marsh Posté le    

Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed