Tom's Guide > Forum > Sécurité - Virus > nouveau sur le forum voici mon log hijackthis(merci a l'avance)voici le 2e log

nouveau sur le forum voici mon log hijackthis(merci a l'avance)voici le 2e log

Forum Sécurité - Virus : nouveau sur le forum voici mon log hijackthis(merci a l'avance)voici le 2e log

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
cocoon33   29-09-2005 à 02:45:22

ben de la misere avec psguard il revient tout le temps

2e log_________________

Logfile of HijackThis v1.99.1
Scan saved at 17:41:53, on 2005-09-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\rundll32.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\No-IP\DUC20.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\stephane rivard\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://cf.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: C:\WINDOWS\adsldpbc.dll - {405132A4-5DD1-4BA8-A181-95C8D435093A} - C:\WINDOWS\adsldpbc.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: C:\WINDOWS\q3705031_disk.dll - {B212D577-05B7-4963-911E-4A8588160DFA} - C:\WINDOWS\q3705031_disk.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O2 - BHO: C:\WINDOWS\system32\clbcatix.dll - {D4DFC1D8-2D2E-4962-B0D0-389FBA0F76B5} - C:\WINDOWS\system32\clbcatix.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [mediamotor.exe] C:\WINDOWS\mmups.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [P.S.Guard] C:\Program Files\P.S.Guard\PSGuard.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O15 - Trusted Zone: *.coolwebsearch.com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/ [...] insctl.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signupte [...] -devel.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/ [...] cgdmgr.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O18 - Protocol: bw+0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F3146225-8F4C-4AE7-9F71-1BC8BE9CF19F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: style32 - C:\WINDOWS\q3705031_disk.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe



Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
OmaR   29-09-2005 à 13:42:29
- 0 +

Salut,

1/ Redémarres en mode sans échec

2/ Coches ces lignes et appuyes sur Fix Checked :


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://cf.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fr.msn.com/

O2 - BHO: (no name) - {28E477DB-CE39-F095-61A4-B62E387895B2} - C:\WINDOWS\system32\wjionq.dll (file missing)
O2 - BHO: C:\WINDOWS\adsldpbc.dll - {405132A4-5DD1-4BA8-A181-95C8D435093A} - C:\WINDOWS\adsldpbc.dll

O2 - BHO: C:\WINDOWS\q3705031_disk.dll - {B212D577-05B7-4963-911E-4A8588160DFA} - C:\WINDOWS\q3705031_disk.dll

O2 - BHO: (no name) - {CDA5972A-2AC9-4E30-928B-5430291B24B7} - C:\WINDOWS\system32\rejabi.dll (file missing)
O2 - BHO: C:\WINDOWS\system32\clbcatix.dll - {D4DFC1D8-2D2E-4962-B0D0-389FBA0F76B5} - C:\WINDOWS\system32\clbcatix.dll

O2 - BHO: (no name) - {FB713934-888D-ED22-D0EF-A20FAA904DB5} - C:\WINDOWS\system32\ncqlhpmc.dll (file missing)

O4 - HKLM\..\Run: [Parallel Tasking] C:\Program Files\Parallel Tasking\ptask.exe
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s (utilisé par Kazaa... en as tu besoin ?)

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe

O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\"

O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.coolwebsearch.com
O16 - DPF: TruePass EPF 7,0,100,684 - https://blrscr3.egs-seg.gc.ca/apple [...] et-epf.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/ [...] scan60.cab

O20 - Winlogon Notify: clbcatex - C:\WINDOWS\system32\clbcatix.dll
O20 - Winlogon Notify: style2 - C:\WINDOWS\q93707421_disk.dll
O20 - Winlogon Notify: style32 - C:\WINDOWS\q3705031_disk.dll


3/ Affiches tous les fichiers
Outils / Options des dossiers / Affichage
coches "afficher les fichiers cachés"
décoches "masquer les extensions des types connus"
décoches "masquer les fichiers protégés du système d'exploitation"


4/ Supprimes ces programmes :
Panneau de configuration / Ajout/Suppression de programmes
Trouves et supprimes les programmes suivants :


Parallel Tasking
altnet
PSGuard
PartyPoker.net


5/ Supprimes ces fichiers :

C:\WINDOWS\system32\wjionq.dll
C:\WINDOWS\adsldpbc.dll
C:\WINDOWS\q3705031_disk.dll
C:\WINDOWS\system32\rejabi.dll
C:\WINDOWS\system32\clbcatix.dll
C:\WINDOWS\system32\ncqlhpmc.dll
C:\Program Files\Parallel Tasking\ (suppr. ce dossier)
c:\program files\altnet (suppr. ce dossier)
C:\Program Files\PSGuard\ (suppr. ce dossier)
C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\ (vides ce dossier)
C:\Program Files\PartyPoker.net (suppr. ce dossier)
C:\WINDOWS\system32\clbcatix.dll
C:\WINDOWS\q93707421_disk.dll
C:\WINDOWS\q3705031_disk.dll


Les fichiers sans arborescence sont dans C:\Windows ou C:\Windows\system32, ou sinon, fais une recherche !

6/ Redémarres normalement


7/ Passes un coup de CCleaner et de Kaspersky

CCleaner

Kaspersky


8/ Repostes un log (pas en mode sans échec le log !!) ici en nous disant ceux que t'as pas pu supprimer (au cas ou y'en a certains !)

Répondre à OmaR
cocoon33   30-09-2005 à 13:20:52
- 0 +

bon voici mon 2e log c'est pas encore correct mon fond d'ecran est toujours blocké sur system stopped:) j'attends de vos nouvelle.mon 2e log est en haut au lieu de en bas car j'ai ecité le message au lieu de reposter desolé!!

Répondre à cocoon33
alessio@IDN   30-09-2005 à 13:23:33
- 0 +

bonjour telecharge smitfraud fix et choisi l option 1 repond oui a tout cela va te generer un rapport poste le ensuite choisi l option deux et repond oui a tout et reposte un log avec le rapport smitfraud

Répondre à alessio@IDN
_SHAD_   23-02-2007 à 18:50:08
- 0 +

salut je voulait savoir si q1q1 pouvait m'aider ? je soupconne mon pc d'eter infecte!! depuis peu il lui arrive de planter assez souvent et ds la base de registre j'ai ds processus que je n'avais jamais vu avant! pourtant j'ai kaspersky int security e edwido mais ils ne me trouve rien qd je scanne!! donc suis un peu bloque je comprends pas! si q1q1 pouvait m'aider e me dire quooi faire please!!! merci o personne qui me repondrons

Répondre à _SHAD_
bob_   23-02-2007 à 19:23:10
- 0 +

Salut _SHAD_,

Merci de créer ton propre sujet !!

Surtout que tu postes sur un sujet de 2005 :)

En haut de la page tu clikes sur nouveau sujet.

Répondre à bob_
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > nouveau sur le forum voici mon log hijackthis(merci a l'avance)voici le 2e log
Aller à :

Il y a 757 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,623 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens