Big spyware problems
Security Forum - Viruses: big spyware problems
Hello,
I have just scanned my PC and it worked for the first time. 64 spyware items were detected, but I have to pay to disinfect!
What should I do to destroy these 64 spyware items for free??
Thanks
Kisses
Hello
What is finding these infections for you?
Download HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Demo in pictures
http://perso.orange.fr/rginformati [...] hijack.htm
Run a scan and post the analysis here.
Logfile of HijackThis v1.99.1
Scan saved at 10:36:30, on 20/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - C:\WINDOWS\system32\SHDOCVW.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand2526.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [Ref blue meow cake] C:\Documents and Settings\All Users\Application Data\skip atom ref blue\Stopfirst.exe
O4 - HKLM\..\Run: [Blubster] C:\PROGRA~1\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [mfcdscr] C:\DOCUME~1\max\APPLIC~1\FINDBI~1\RuleLocksIdle.exe
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/sc [...] mailto.htm
O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/sc [...] elated.htm
O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/sc [...] review.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b55762.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activ [...] asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b55579.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O18 - Protocol: bw+0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Hello
Lop infection (among others). Download LopxpMH to your Desktop.
http://perso.numericable.fr/~altsh [...] pxpMH2.zip
Unzip it (right-click >> Extract here) and double-click the lopxpMH.bat file.
Post the contents of the report that opens.
## Répertoires Application Data
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\Administrateur\Application Data
08/01/2005 10:37 <REP> .
08/01/2005 10:37 <REP> ..
08/01/2005 10:44 <REP> Adobe
08/01/2005 11:00 <REP> AdobeUM
10/12/2005 12:45 <REP> FotoWire
20/01/2005 16:33 <REP> Help
08/01/2005 10:56 <REP> Identities
21/10/2005 20:01 <REP> Macromedia
08/01/2005 10:37 <REP> Microsoft
12/02/2005 12:37 <REP> The Labyrinth Plus! Edition
08/01/2005 10:37 62 desktop.ini
1 fichier(s) 62 octets
10 Rép(s) 47 058 939 904 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data
08/01/2005 10:37 <REP> .
08/01/2005 10:37 <REP> ..
08/01/2005 11:00 <REP> Adobe
22/01/2005 14:42 <REP> Ahead
23/12/2005 18:16 <REP> ApplicationHistory
08/01/2005 10:57 <REP> Copernic
20/01/2005 16:33 <REP> Help
23/12/2005 18:17 <REP> HP
22/01/2005 17:15 <REP> Identities
23/12/2005 18:19 <REP> IsolatedStorage
10/12/2005 12:53 <REP> Logitech-LS
08/01/2005 10:37 <REP> Microsoft
11/12/2005 16:06 11 264 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
23/12/2005 18:16 137 fusioncache.dat
10/01/2005 09:19 42 560 GDIPFONTCACHEV1.DAT
08/01/2005 12:37 2 639 970 IconCache.db
4 fichier(s) 2 693 931 octets
12 Rép(s) 47 058 939 904 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\All Users\Application Data
08/01/2005 11:27 <REP> .
08/01/2005 11:27 <REP> ..
08/01/2005 10:44 <REP> Adobe
09/09/2006 09:51 <REP> BitDefender
17/03/2007 12:48 <REP> CanonBJ
25/12/2006 13:07 <REP> DVD Shrink
29/10/2006 11:21 <REP> Google
17/03/2007 12:57 <REP> InstallShield
08/01/2005 11:27 <REP> Microsoft
08/01/2005 10:54 <REP> MSN Messenger 6.2.0137
03/04/2005 14:57 <REP> nView_Profiles
17/03/2007 17:11 <REP> PC Tools
17/03/2007 12:56 <REP> ScanSoft
28/12/2006 20:42 <REP> skip atom ref blue
08/09/2005 17:52 <REP> Spybot - Search & Destroy
07/10/2005 18:50 <REP> Windows Genuine Advantage
08/01/2005 11:27 62 desktop.ini
23/12/2005 18:10 784 hpzinstall.log
2 fichier(s) 846 octets
16 Rép(s) 47 058 939 904 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\Default User\Application Data
08/01/2005 11:27 <REP> .
08/01/2005 11:27 <REP> ..
08/01/2005 11:27 <REP> Microsoft
08/01/2005 11:27 62 desktop.ini
1 fichier(s) 62 octets
3 Rép(s) 47 058 939 904 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data
08/01/2005 11:27 <REP> .
08/01/2005 11:27 <REP> ..
08/01/2005 10:35 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 47 058 939 904 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\JOJO\Application Data
30/12/2005 20:57 <REP> .
30/12/2005 20:57 <REP> ..
12/01/2006 17:44 <REP> Adobe
09/09/2006 17:36 <REP> Bitdefender
30/12/2005 20:57 <REP> Identities
31/12/2005 11:19 <REP> Macromedia
30/12/2005 20:57 <REP> Microsoft
30/12/2005 20:57 62 desktop.ini
1 fichier(s) 62 octets
7 Rép(s) 47 058 935 808 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\JOJO\Local Settings\Application Data
30/12/2005 20:57 <REP> .
30/12/2005 20:57 <REP> ..
07/01/2006 11:38 <REP> Ahead
30/12/2005 20:57 <REP> ApplicationHistory
30/12/2005 20:57 <REP> HP
31/12/2005 10:34 <REP> Identities
01/01/2006 12:14 <REP> IsolatedStorage
31/12/2005 11:49 <REP> Logitech-LS
30/12/2005 20:57 <REP> Microsoft
31/12/2005 10:39 23 040 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
30/12/2005 20:57 127 fusioncache.dat
30/12/2005 20:57 42 624 GDIPFONTCACHEV1.DAT
07/01/2006 12:04 4 288 744 IconCache.db
4 fichier(s) 4 354 535 octets
9 Rép(s) 47 058 935 808 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\LocalService\Application Data
08/01/2005 10:37 <REP> .
08/01/2005 10:37 <REP> ..
08/01/2005 10:37 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 47 058 935 808 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data
08/01/2005 10:37 <REP> .
08/01/2005 10:37 <REP> ..
08/01/2005 10:37 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 47 058 935 808 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\max\Application Data
31/12/2005 11:32 <REP> .
31/12/2005 11:32 <REP> ..
31/12/2005 11:48 <REP> Adobe
31/12/2005 13:26 <REP> AdobeUM
05/03/2007 20:18 <REP> Azureus
09/09/2006 10:03 <REP> Bitdefender
04/03/2007 16:44 <REP> BitTorrent
17/03/2007 19:44 <REP> Canon
03/03/2007 17:20 <REP> DeepBurner
07/02/2007 13:51 <REP> dvdcss
28/12/2006 20:42 <REP> Find Bike Keep
05/03/2007 19:52 <REP> FrostWire
06/04/2006 16:23 <REP> Google
21/02/2007 12:21 <REP> Help
31/12/2005 11:32 <REP> Identities
25/02/2006 15:04 <REP> iMesh
17/03/2007 10:12 <REP> Lavasoft
31/12/2005 12:21 <REP> Macromedia
31/12/2005 11:32 <REP> Microsoft
09/12/2006 16:29 <REP> Microsoft Web Folders
17/03/2007 17:11 <REP> PC Tools
17/03/2007 12:57 <REP> ScanSoft
04/03/2007 16:21 <REP> Shareaza
15/04/2006 13:43 <REP> Sun
24/09/2006 12:33 <REP> The Labyrinth Plus! Edition
27/01/2007 18:54 <REP> U3
29/12/2006 10:23 <REP> vlc
31/12/2005 11:32 62 desktop.ini
27/06/2006 18:56 6 769 GdiplusUpgrade_MSIApproach_Wrapper.log
2 fichier(s) 6 831 octets
27 Rép(s) 47 058 935 808 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\max\Local Settings\Application Data
31/12/2005 11:32 <REP> .
31/12/2005 11:32 <REP> ..
31/12/2005 13:26 <REP> Adobe
09/03/2006 18:08 <REP> Ahead
31/12/2005 11:32 <REP> ApplicationHistory
01/01/2007 18:35 <REP> Copernic
21/05/2006 13:18 <REP> Google
21/02/2007 12:21 <REP> Help
31/12/2005 11:33 <REP> HP
04/01/2006 17:55 <REP> Identities
14/04/2006 09:25 <REP> IM
31/12/2005 12:59 <REP> IsolatedStorage
01/01/2006 16:53 <REP> Logitech-LS
31/12/2005 11:32 <REP> Microsoft
09/03/2006 18:07 <REP> WMTools Downloaded Files
31/12/2005 11:48 110 592 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
31/12/2005 11:32 126 fusioncache.dat
31/12/2005 11:32 42 624 GDIPFONTCACHEV1.DAT
12/01/2006 18:38 1 579 826 IconCache.db
4 fichier(s) 1 733 168 octets
15 Rép(s) 47 058 931 712 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\NetworkService\Application Data
08/01/2005 10:37 <REP> .
08/01/2005 10:37 <REP> ..
08/01/2005 10:37 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 47 058 931 712 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data
08/01/2005 10:37 <REP> .
08/01/2005 10:37 <REP> ..
08/01/2005 10:37 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 47 058 931 712 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data
08/01/2005 10:36 <REP> .
08/01/2005 10:36 <REP> ..
08/01/2005 10:36 <REP> Microsoft
08/01/2005 10:36 62 desktop.ini
1 fichier(s) 62 octets
3 Rép(s) 47 058 931 712 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
08/01/2005 10:36 <REP> .
08/01/2005 10:36 <REP> ..
08/01/2005 10:36 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 47 058 931 712 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\WINDOWS\Tasks
28/12/2006 20:43 250 AB4C842891B73BDC.job
08/01/2005 10:37 6 SA.DAT
08/01/2005 10:33 65 desktop.ini
08/01/2005 10:33 <REP> ..
08/01/2005 10:33 <REP> .
3 fichier(s) 321 octets
2 Rép(s) 47 058 931 712 octets libres
******************************************
## Répertoires de C:\Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 64A7-7E78
Répertoire de C:\Program Files
20/03/2007 10:36 <REP> .
20/03/2007 10:36 <REP> ..
26/01/2007 20:26 <REP> 3B Software
08/01/2005 10:48 <REP> Adobe
08/01/2005 10:52 <REP> Ahead
11/02/2006 12:08 <REP> Alexa Toolbar
06/10/2004 18:53 <REP> antispy
03/03/2007 17:23 <REP> Astonsoft
23/07/2006 12:18 <REP> Auralog
05/03/2007 20:20 <REP> Azureus
18/03/2006 11:20 <REP> BearShare
09/02/2007 20:34 <REP> BearShare Applications
04/03/2007 16:54 <REP> BitTorrent
10/02/2007 21:22 <REP> Blubster Toolbar
17/03/2007 13:19 <REP> Canon
23/12/2006 15:46 <REP> Catalencoder
08/01/2005 10:32 <REP> ComPlus Applications
07/02/2007 16:20 <REP> Cool2000
01/01/2007 18:37 <REP> Copernic Desktop Search
18/03/2007 16:44 <REP> Copernic Desktop Search 2
07/06/2005 17:37 <REP> directx
07/02/2007 14:22 <REP> DVD Shrink
21/02/2007 19:04 <REP> Emoticons-plus.com
20/03/2007 20:46 <REP> eMule
17/03/2007 17:11 <REP> Fichiers communs
28/12/2006 20:42 <REP> Find Bike Keep
08/01/2005 10:53 <REP> FlashFXP
05/03/2007 19:56 <REP> FrostWire
12/02/2005 16:09 <REP> GameSpy Arcade
28/01/2007 08:01 <REP> Google
23/12/2005 18:44 <REP> Hewlett-Packard
20/03/2007 10:38 <REP> Hijackthis Version Française
23/12/2005 18:14 <REP> HP
25/02/2006 15:19 <REP> iMesh
25/02/2006 15:01 <REP> iMesh Applications
14/04/2006 20:05 <REP> IncrediMail
20/01/2005 11:55 <REP> Infogrames
17/02/2007 10:39 <REP> Internet Explorer
19/11/2005 17:38 <REP> Inventel
16/01/2007 20:37 <REP> Java
08/01/2005 10:54 <REP> Kaspersky Lab
12/02/2005 15:55 <REP> KONAMI
23/03/2005 17:19 <REP> L'Amerzone
18/03/2007 08:44 <REP> Lavasoft
01/03/2007 21:48 <REP> LimeWire
10/12/2005 12:45 <REP> Logitech
07/08/2006 11:56 <REP> Macrogaming
10/12/2005 19:40 <REP> Messenger Plus! 3
22/01/2005 10:48 <REP> Microprose
09/12/2006 16:30 <REP> Microsoft FrontPage
20/01/2005 15:18 <REP> Microsoft Games
08/10/2005 12:13 <REP> Microsoft Money 2005
09/12/2006 16:29 <REP> Microsoft Office
08/01/2005 10:50 <REP> Microsoft Plus!
08/01/2005 10:49 <REP> Microsoft Plus! Digital Media Edition
09/12/2006 16:31 <REP> Microsoft Visual Studio
08/01/2005 10:45 <REP> Microsoft.NET
08/01/2005 10:33 <REP> Movie Maker
11/01/2006 19:27 <REP> MP3 Player Utilities
22/10/2005 12:50 <REP> MSN Apps
08/01/2005 10:32 <REP> MSN Gaming Zone
26/01/2007 20:36 <REP> MSN Messenger
22/10/2005 12:56 <REP> MSN Toolbar
18/11/2006 11:22 <REP> MSXML 4.0
08/01/2005 10:33 <REP> NetMeeting
16/12/2006 14:17 <REP> Outlook Express
19/06/2006 14:14 <REP> PhotoFiltre
31/12/2006 14:14 <REP> QuickTime
04/02/2006 11:18 <REP> Ratajik Software
01/04/2005 17:33 <REP> Return to Castle Wolfenstein
20/04/2006 15:55 <REP> Rockstar Games
17/03/2007 12:55 <REP> ScanSoft
08/01/2005 10:34 <REP> Services en ligne
04/03/2007 16:27 <REP> Shareaza
22/01/2005 10:45 <REP> Sierra On-Line
06/09/2006 14:18 <REP> Softwin
17/03/2007 11:23 <REP> Spybot - Search & Destroy
17/03/2007 22:45 <REP> Spyware Doctor
13/10/2004 10:19 <REP> SuperCopier
16/12/2006 18:14 <REP> Tomb Raider - Legend
21/06/2005 18:52 <REP> Trend Micro
10/01/2005 09:41 <REP> UltraISO
08/01/2005 10:53 <REP> utiles
29/12/2006 10:21 <REP> VideoLAN
16/12/2005 18:16 <REP> Wanadoo
28/12/2006 17:01 <REP> Windows Media Connect 2
28/12/2006 17:01 <REP> Windows Media Player
08/01/2005 10:32 <REP> Windows NT
08/01/2005 10:54 <REP> WinRAR
0 fichier(s) 0 octets
89 Rép(s) 47 058 927 616 octets libres
******************************************
## Popups autorisées
* Internet Explorer
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
www.manson-world.net REG_BINARY
webmessenger.msn.com REG_BINARY
* Mozilla Firefox (1 autorisé 2 interdit)
******************************************
## Registre
* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ http://www.google.com/ie
* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Ref blue meow cake REG_SZ C:\Documents and Settings\All Users\Application Data\skip atom ref blue\Stopfirst.exe
ScanSoft OmniPage SE 4.0-reminder REG_SZ "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
mfcdscr REG_SZ C:\DOCUME~1\max\APPLIC~1\FINDBI~1\RuleLocksIdle.exe
******************************************
## Zones de sécurité
* HKCU Domains (4)
* P3P History (5)
******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"
*************** Fin du rapport ****************
There you go!!!
Hello
Part of the procedure will take place without internet access; please print these instructions, or paste them into a text file, to read during this disinfection.
The steps must be carried out without interruption and in order.
If you don't understand something, ask for an explanation before starting.
1 Download
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Install it in a dedicated folder.
AVG Anti-Spyware
http://www.ewido.net/en/download/
Install it.
Launch AVG Anti-Spyware and click the Update button. Wait.
2 Restart in safe mode. Careful, you have no internet access in this mode, so take good note of what you have to do.
Start the computer.
Once the BIOS has finished loading, there is a black screen. Press the F8 key until the Windows advanced options menu is displayed.
Using the arrow keys, select Safe Mode and press Enter.
3 Run a HijackThis scan again and check the lines below:
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - C:\WINDOWS\system32\SHDOCVW.DLL
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Ref blue meow cake] C:\Documents and Settings\All Users\Application Data\skip atom ref blue\Stopfirst.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [mfcdscr] C:\DOCUME~1\max\APPLIC~1\FINDBI~1\RuleLocksIdle.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/sc [...] mailto.htm
O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/sc [...] elated.htm
O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/sc [...] review.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b55579.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O18 - Protocol: bw+0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
Close all Windows, Internet Explorer and Outlook windows, except the HijackThis program, and click "Fix checked"
4 Make sure you have access to all files.
Start, My Computer or another folder, Tools menu, Folder Options, View tab:
Check the box: Show hidden files and folders
Uncheck the box: Hide extensions for known file types
Uncheck the box: Hide protected operating system files
Then Apply
5 Uninstall these applications (if you find them) in Add or Remove Programs:
Alexa Toolbar
6 Delete the offending files/folders (if they still exist):
C:\Documents and Settings\All Users\Application Data\skip atom ref blue
C:\Documents and Settings\max\Application Data\Find Bike Keep
C:\WINDOWS\Tasks\AB4C842891B73BDC.job
C:\Program Files\Alexa Toolbar
C:\Program Files\Find Bike Keep
Hide the system files again, so as not to make a mistake in the future, by selecting not to show hidden files or system files.
7 Run the cleanup with CCleaner.
8 Launch AVG Anti-Spyware.
Click the Scan button (on the toolbar)
Then, on the How to react tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete system scan.
At the end of the scan, choose the "Apply all actions" option at the bottom.
Click "Save report". This generates a report as a text file, located in the Reports folder of the AVG Anti-Spyware folder.
9 Restart normally and post a new HijackThis log along with the AVG Anti-Spyware report
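As an added example (not part of the original post, and not HijackThis code), this Python sketch parses entries in the line format listed in step 3, flags the ones worth a manual look, and collapses the repeated O18 lines into one row per handler DLL. The rule that a Run value launching from an Application Data folder deserves review is an assumption of this example, and `triage` and the pattern names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: lines copied from the HijackThis list in the post above.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Ref blue meow cake] C:\Documents and Settings\All Users\Application Data\skip atom ref blue\Stopfirst.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [mfcdscr] C:\DOCUME~1\max\APPLIC~1\FINDBI~1\RuleLocksIdle.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O18 - Protocol: bw+0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {85642E9C-942E-45D7-8945-CF21D8DDDB7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O4 registry autorun: hive, value name in brackets, then the command line
RUN = re.compile(r"^(?P<hive>HKLM|HKCU)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# O18 protocol handler: scheme, CLSID, handler DLL
HANDLER = re.compile(r"^Protocol: (?P<scheme>\S+) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<dll>.+)$")
# Assumption of this example: an autorun started from an Application Data
# folder (long name or 8.3 short name) is worth checking by hand.
APPDATA = re.compile(r"\\(application data|applic~\d)\\", re.IGNORECASE)
# A command that starts with a drive letter or an %ENVVAR% prefix
ROOTED = re.compile(r'^"?([A-Za-z]:\\|%\w+%\\)')


def triage(log_text):
    """Return (findings, handlers) for a block of HijackThis entries.

    findings: list of (section code, label, reason) tuples to review by hand.
    handlers: Counter mapping (CLSID, DLL) to the number of O18 schemes using it.
    """
    findings = []
    handlers = Counter()
    for raw in log_text.splitlines():
        entry = ENTRY.match(raw.strip())
        if not entry:
            continue  # blank lines, headers, process list
        code, body = entry["code"], entry["body"]
        if body.endswith("(file missing)"):
            findings.append((code, body, "target file missing"))
        if code == "O4":
            run = RUN.match(body)
            if run and APPDATA.search(run["cmd"]):
                findings.append((code, run["name"], "autorun from Application Data"))
            elif run and not ROOTED.match(run["cmd"]):
                findings.append((code, run["name"], "command is not a full path"))
        elif code == "O18":
            handler = HANDLER.match(body)
            if handler:
                handlers[(handler["clsid"].upper(), handler["dll"])] += 1
    return findings, handlers


if __name__ == "__main__":
    found, grouped = triage(SAMPLE_LOG)
    for code, label, reason in found:
        print(f"{code:<4}{reason:<32}{label}")
    for (clsid, dll), count in grouped.items():
        print(f"O18 {count} scheme(s) -> {clsid} {dll}")
```

A flag here is only a prompt to look at the entry; it does not by itself say the file is malicious.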
hello,
I don't understand what you mean by starting in safe mode...??
Re
To start in safe mode, do this:
Start the computer.
Once the BIOS has finished loading, there is a black screen. Press the F8 or F5 key until the Windows advanced options menu is displayed.
Using the arrow keys, select Safe Mode and press Enter.
