VIRUS TROJ.AGENT.AHO
Dernière réponse : dans Sécurité
bonjour, j'avais posté un message hier soir, mais je n'avais pas eu de réponse, s'il vous plait, aidez moi, je ne sait plus quoi faire. mon pc s'eteint tout seul, mais avast arrive a me dire que j'ai le virus troj.agent.aho. mais je ne sait plus quoi faire.
S'il vous plait aidez moi....
S'il vous plait aidez moi....
Autres pages sur : virus troj agent aho
Lassé par la pub ? Créez un compte
Salut,
Tu aurais du rester sur ton poste original (tu fais un "UP" si tu n'as pas de réponse dans les heures qui suivent) bref...
Poste un log HijackThis.
Télécharge le, puis met le dans un dossier dédié.
Ensuite, lance le, appuie sur Do a system scan a save a logfile, et donne nous le résultat du scan
www.infos-du-net.com/telecharger/HijackThis.html
Tu aurais du rester sur ton poste original (tu fais un "UP" si tu n'as pas de réponse dans les heures qui suivent) bref...
Poste un log HijackThis.
Télécharge le, puis met le dans un dossier dédié.
Ensuite, lance le, appuie sur Do a system scan a save a logfile, et donne nous le résultat du scan
www.infos-du-net.com/telecharger/HijackThis.html
merci d'avoir repondu si rapidement ! avant d'avoir vu vos messages, grace a spyware nuker g un rappoart :
Spyware Nuker XT Detection Report
Scan Started: 02/09/2006 08:17
Software Version: 4.6.43.1650
Database Version: 2/6/2006 08:46:53 AM
Operating System: Windows XP 5.1.2600 []
Web Browser(s): IE:6.0.2600.0000;
AdTech
969-55888 A cookie that is shared among websites to track your web surfing habits.
Cookie Internet Explorer | adtech.de/ | CfP | 1
Adware.Popuppers
1166-61767 Retrieves and displays pop-up advertisements from the internet.
File C:\a.bmp
File C:\WINDOWS\IEMonitor.ocx
Registry Key HKEY_CLASSES_ROOT\CLSID\{62FBA4E7-BD9E-4D8D-8FBB-3C32999CB7FC}
Registry Key HKEY_CLASSES_ROOT\CLSID\{A03323D3-F649-4F16-A6E4-4FC53F917A83}
Registry Key HKEY_CLASSES_ROOT\IEMonitor.cBrowsers
Registry Key HKEY_CLASSES_ROOT\IEMonitor.IEEvents
Registry Key HKEY_CLASSES_ROOT\Interface\{29375563-1B91-44D9-8B05-FFAD8AC286F6}
Registry Key HKEY_CLASSES_ROOT\Interface\{2AFDD165-B663-43C1-AFE2-105FDCA2A24B}
Registry Key HKEY_CLASSES_ROOT\Interface\{DAE67284-3C98-44C5-AA8F-9461C3247707}
Registry Key HKEY_CLASSES_ROOT\TypeLib\{1942BEBE-DCE5-4148-868E-1250A2218B4C}
Adware.Roings
853-59118 Connects to it's controlling server to retrieve and display pop-up advertisements.
File C:\WINDOWS\Downloaded Program Files\m67m.inf
Bluestreak
819-49880 A cookie that is shared among websites to track your web surfing habits.
Cookie Internet Explorer | bluestreak.com/ | id | 3622100163...
EyeBlaster
979-55898 A cookie that is shared among websites to track your web surfing habits.
Cookie Internet Explorer | bs.serving-sys.com/ | eyeblaster | BWVal=968&...
Cookie Internet Explorer | serving-sys.com/ | AdInfo | 200979%2d2...
IEmpview
929-54609 Compromises Windows security, allows files to be silently downloaded, and can allow remote access to an infected computer. Files continuously duplicate themselves.
Registry Value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3:1609:0
Registry Value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3:1609:0
Kazaa
953-55546 Bundles adware programs and reinstalls them after they have been removed.
Registry Key HKEY_CLASSES_ROOT\magnet
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Magnet
Trojan.Lsass
1156-61525 Silently connects to a remote location where it downloads other files. Opens certain ports and attempts to disable certain security features on an infected computer. May cause your system to shutdown.
Registry Value HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate![:D]( ":D")
oNotAllowXPSP2
Registry Key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdriv
Registry Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdriv
WindUpdates
708-59584 Downloads additional Adware and Trackware to your computer without the users permission. License Agreement gives itself permission to advertise on your computer.
Folder C:\Program Files\Media Gateway
Registry Value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs:C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll
mais pour moi c''st du chinois, je ne sais pas quoi faire avec ça, je v faire la meme chose avec l'autre que vous m'avez dis, mais mainteant avec panda, il me dis qu'il y a une erreur, et je n'arrive pas a le scanner.
Spyware Nuker XT Detection Report
Scan Started: 02/09/2006 08:17
Software Version: 4.6.43.1650
Database Version: 2/6/2006 08:46:53 AM
Operating System: Windows XP 5.1.2600 []
Web Browser(s): IE:6.0.2600.0000;
AdTech
969-55888 A cookie that is shared among websites to track your web surfing habits.
Cookie Internet Explorer | adtech.de/ | CfP | 1
Adware.Popuppers
1166-61767 Retrieves and displays pop-up advertisements from the internet.
File C:\a.bmp
File C:\WINDOWS\IEMonitor.ocx
Registry Key HKEY_CLASSES_ROOT\CLSID\{62FBA4E7-BD9E-4D8D-8FBB-3C32999CB7FC}
Registry Key HKEY_CLASSES_ROOT\CLSID\{A03323D3-F649-4F16-A6E4-4FC53F917A83}
Registry Key HKEY_CLASSES_ROOT\IEMonitor.cBrowsers
Registry Key HKEY_CLASSES_ROOT\IEMonitor.IEEvents
Registry Key HKEY_CLASSES_ROOT\Interface\{29375563-1B91-44D9-8B05-FFAD8AC286F6}
Registry Key HKEY_CLASSES_ROOT\Interface\{2AFDD165-B663-43C1-AFE2-105FDCA2A24B}
Registry Key HKEY_CLASSES_ROOT\Interface\{DAE67284-3C98-44C5-AA8F-9461C3247707}
Registry Key HKEY_CLASSES_ROOT\TypeLib\{1942BEBE-DCE5-4148-868E-1250A2218B4C}
Adware.Roings
853-59118 Connects to it's controlling server to retrieve and display pop-up advertisements.
File C:\WINDOWS\Downloaded Program Files\m67m.inf
Bluestreak
819-49880 A cookie that is shared among websites to track your web surfing habits.
Cookie Internet Explorer | bluestreak.com/ | id | 3622100163...
EyeBlaster
979-55898 A cookie that is shared among websites to track your web surfing habits.
Cookie Internet Explorer | bs.serving-sys.com/ | eyeblaster | BWVal=968&...
Cookie Internet Explorer | serving-sys.com/ | AdInfo | 200979%2d2...
IEmpview
929-54609 Compromises Windows security, allows files to be silently downloaded, and can allow remote access to an infected computer. Files continuously duplicate themselves.
Registry Value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3:1609:0
Registry Value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3:1609:0
Kazaa
953-55546 Bundles adware programs and reinstalls them after they have been removed.
Registry Key HKEY_CLASSES_ROOT\magnet
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Magnet
Trojan.Lsass
1156-61525 Silently connects to a remote location where it downloads other files. Opens certain ports and attempts to disable certain security features on an infected computer. May cause your system to shutdown.
Registry Value HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
oNotAllowXPSP2 Registry Key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdriv
Registry Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdriv
WindUpdates
708-59584 Downloads additional Adware and Trackware to your computer without the users permission. License Agreement gives itself permission to advertise on your computer.
Folder C:\Program Files\Media Gateway
Registry Value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs:C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll
mais pour moi c''st du chinois, je ne sais pas quoi faire avec ça, je v faire la meme chose avec l'autre que vous m'avez dis, mais mainteant avec panda, il me dis qu'il y a une erreur, et je n'arrive pas a le scanner.
panda me reponds ça :
Error on downloading ActiveScanAn error has occurred downloading Panda ActiveScan. Please repeat the process. If the error occurs again, restart your system and try againPossible causes of this error are:
Not allowing the application's ActiveX control to be downloaded.
Problems with the Internet connection.
The error could be due to a download error or an installation error due to lack of hard disk space, privileges etc.,...
Error on downloading ActiveScanAn error has occurred downloading Panda ActiveScan. Please repeat the process. If the error occurs again, restart your system and try againPossible causes of this error are:
Not allowing the application's ActiveX control to be downloaded.
Problems with the Internet connection.
The error could be due to a download error or an installation error due to lack of hard disk space, privileges etc.,...
merci voici le rapport avece hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 12:45:40, on 09/02/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\wx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ABC\abc.exe
D:\Down Load\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Java] C:\wx.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SWN2] C:\Program Files\Spyware Nuker\swnxt.exe /h
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} - http://cabs.media-motor.net/cabs/joysaver.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp02.photoprintit.de/microsite/1156/defaults/ac...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: bw+0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: microsoftdvdhelp (MicrosoftDVD) - Unknown owner - C:\WINDOWS\msdvd.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
mais encore uen fois je ne sais ce que ça veut dire
Logfile of HijackThis v1.99.1
Scan saved at 12:45:40, on 09/02/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\wx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ABC\abc.exe
D:\Down Load\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Java] C:\wx.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SWN2] C:\Program Files\Spyware Nuker\swnxt.exe /h
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} - http://cabs.media-motor.net/cabs/joysaver.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp02.photoprintit.de/microsite/1156/defaults/ac...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: bw+0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {4C0BA00A-456B-45FA-9E55-09F1D76CE457} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: microsoftdvdhelp (MicrosoftDVD) - Unknown owner - C:\WINDOWS\msdvd.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
mais encore uen fois je ne sais ce que ça veut dire
Spyware Nuker est un spyware!
0/ Desinstalle via Ajout/Suppression programme (si existe):
Spyware Nuker
1/ Redemarre en mode sans echec
2/ Lance Hijackthis ->Do a system scan only
->Coche les lignes puis Fix checked
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about :blank
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O4 - HKLM\..\Run: [Java] C:\wx.exe
O4 - HKLM\..\Run: [SWN2] C:\Program Files\Spyware Nuker\swnxt.exe /h
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} - http://cabs.media-motor.net/cabs/joysaver.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
Assure toi d'avoir acces au dossier/fichiers caches
->Panneau de configuration
->Options dossiers
->Coche Afficher les dossiers caches
Decoche Masquer les extensions...
Decoche Masquer les fichiers proteges...
3/ Suppime ces fichiers/dossiers si existe
C:\wx.exe
C:\Program Files\Spyware Nuker
4/ Lance un nettoyage Ccleaner
5/ Lance un scan Ewido Ad Aware Spybot (mis a jour)
6/ Fais un scan en ligne Panda
Poste le rapport
7/ Reposte un log Hijackthis
0/ Desinstalle via Ajout/Suppression programme (si existe):
Spyware Nuker
1/ Redemarre en mode sans echec
2/ Lance Hijackthis ->Do a system scan only
->Coche les lignes puis Fix checked
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about :blank
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O4 - HKLM\..\Run: [Java] C:\wx.exe
O4 - HKLM\..\Run: [SWN2] C:\Program Files\Spyware Nuker\swnxt.exe /h
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} - http://cabs.media-motor.net/cabs/joysaver.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
Assure toi d'avoir acces au dossier/fichiers caches
->Panneau de configuration
->Options dossiers
->Coche Afficher les dossiers caches
Decoche Masquer les extensions...
Decoche Masquer les fichiers proteges...
3/ Suppime ces fichiers/dossiers si existe
C:\wx.exe
C:\Program Files\Spyware Nuker
4/ Lance un nettoyage Ccleaner
5/ Lance un scan Ewido Ad Aware Spybot (mis a jour)
6/ Fais un scan en ligne Panda
Poste le rapport
7/ Reposte un log Hijackthis
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumVirus detecte troj agent.aeua
- ForumVirus infecte par troj agent.puf
- ForumVirus troj conhook
- ForumVirus troj generic dans bitdefendeur
- ForumSupprimer virus troj bho.of
- ForumVirus troj gen
- ForumInfectee par le virus troj generic
- ForumEffacer virus troj access k
- ForumInfecte par troj agent owz
- ForumVirus troj winshow.z
- Voir plus
