Virtumonde again -__-"

Hello,

This is this forum's never-ending story (sorry), but I really need help to dislodge Virtumonde from my PC (again). I did manage to do it myself last year, but this time the beast is putting up quite a fight...

Here is the HijackThis report

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:25:43, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Catherine\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {437C057F-FE17-4CAC-B502-2DD1FED4D15C} - C:\WINDOWS\system32\awvvs.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {CFDE1CF9-75B3-4B1E-B9A7-B5FB88A171E6} - C:\WINDOWS\system32\xxyxuut.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\igrkiuvn.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\xacguspt.dll",realset
O4 - HKLM\..\Run: [j6251131] rundll32 C:\WINDOWS\system32\j6251131.dll sook
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E81915DA-96C5-4D9E-A82A-AB24AD36595C}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bw+0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: awvvs - C:\WINDOWS\system32\awvvs.dll
O20 - Winlogon Notify: xxyxuut - C:\WINDOWS\SYSTEM32\xxyxuut.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 21577 bytes


VundoFix doesn't seem to find anything, which surprises me...

Thanks for your help, it could save me a day of work :)


Paikan



Hello, indeed, you're well and truly infected :)

Quote:

VundoFix doesn't seem to find anything, which surprises me...


Before using anything else, I'd still like to see the report

Download VundoFix to your Desktop <~ Click here

Double-click VundoFix.exe to launch it
when it launches again, click Scan for Vundo
when the scan finishes, click Remove Vundo
it will ask whether you want to delete the files, click YES

your Desktop will disappear while the files are being deleted

then it will tell you that your PC is going to shut down, click OK

Restart your PC

Copy/paste the report ( C:\vundofix.txt )
and a new HijackThis report

VundoFix may be unable to delete a file; in that case it will launch again at the next restart, and you just need to start over from "click Scan for Vundo"

------------------------------ - How to fix with HiJackThis -
- Safe Mode -
Reply to Eric_71
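One way to cross-check the two reports requested above, as an added example that is not part of the original thread or of either tool: it lists the HijackThis entries that still point at files the VundoFix report says were deleted. The sample reports, file names, Run key name and CLSIDs are constructed for the example; only the line formats follow the logs in this thread.

```python
import re

# Constructed sample reports. Only the line formats follow the logs in this
# thread; every file name, key name and CLSID below is made up.
VUNDOFIX_REPORT = r"""
Listing files found while scanning....

C:\WINDOWS\system32\exampleaa.dll
C:\WINDOWS\system32\examplebb.dll
C:\WINDOWS\system32\examplecc.ini

Beginning removal...

Attempting to delete C:\WINDOWS\system32\exampleaa.dll
C:\WINDOWS\system32\exampleaa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\examplebb.dll
C:\WINDOWS\system32\examplebb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\examplecc.ini
C:\WINDOWS\system32\examplecc.ini Has been deleted!
"""

HIJACKTHIS_REPORT = r"""
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\WINDOWS\system32\exampleaa.dll (file missing)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [ExampleRun] rundll32.exe "C:\WINDOWS\system32\examplebb.dll",entry
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: exampleaa - C:\WINDOWS\SYSTEM32\exampleaa.dll
"""

# "<path> Has been deleted!" lines from the VundoFix report.
DELETED_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+) Has been deleted!\s*$", re.MULTILINE)
# HijackThis entries: a section code such as R0, O2, O20, then " - ", then the body.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$", re.MULTILINE)


def deleted_files(vundofix_text):
    """Return the paths VundoFix reports as deleted, in report order."""
    return [m.group("path").strip() for m in DELETED_RE.finditer(vundofix_text)]


def hijackthis_entries(hjt_text):
    """Return (section code, entry body) pairs from a HijackThis log."""
    return [(m.group("code"), m.group("body").strip())
            for m in ENTRY_RE.finditer(hjt_text)]


def stale_references(vundofix_text, hjt_text):
    """Find HijackThis entries that still reference a file VundoFix deleted.

    Matching is on the full path, case-insensitively, because the same file
    can appear as system32 in one entry and SYSTEM32 in another. Paths written
    in 8.3 short form (PROGRA~1) are not resolved by this sketch.
    """
    patterns = [
        (path, re.compile(re.escape(path) + r"(?![A-Za-z0-9_])", re.IGNORECASE))
        for path in deleted_files(vundofix_text)
    ]
    findings = []
    for code, body in hijackthis_entries(hjt_text):
        for path, pattern in patterns:
            if pattern.search(body):
                findings.append({
                    "code": code,
                    "path": path,
                    # HijackThis annotates some entry types itself; autorun
                    # command lines usually carry no such marker.
                    "file_missing": "(file missing)" in body,
                    "entry": f"{code} - {body}",
                })
    return findings


if __name__ == "__main__":
    for finding in stale_references(VUNDOFIX_REPORT, HIJACKTHIS_REPORT):
        marker = "marked missing" if finding["file_missing"] else "not marked"
        print(f"[{marker}] {finding['entry']}")
```

Entries it reports are leftovers to review in the new HijackThis report; entries it does not report are simply outside what the VundoFix report covers and say nothing about whether they are clean.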

By forcing VundoFix a bit, I got a little more detail in the log:


VundoFix V6.4.2

Checking Java version...

Java version is 1.5.0.11

Scan started at 09:29:14 09/06/2007

Listing files found while scanning....

C:\WINDOWS\system32\aqmghitj.dll
C:\WINDOWS\system32\awvvs.dll
C:\WINDOWS\system32\svvwa.bak1
C:\WINDOWS\system32\svvwa.bak2
C:\WINDOWS\system32\svvwa.ini
C:\WINDOWS\system32\tpsugcax.ini
C:\WINDOWS\system32\xacguspt.dll
C:\WINDOWS\system32\xxyxuut.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\aqmghitj.dll
C:\WINDOWS\system32\aqmghitj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\awvvs.dll
C:\WINDOWS\system32\awvvs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\svvwa.bak1
C:\WINDOWS\system32\svvwa.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\svvwa.bak2
C:\WINDOWS\system32\svvwa.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\svvwa.ini
C:\WINDOWS\system32\svvwa.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\tpsugcax.ini
C:\WINDOWS\system32\tpsugcax.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xacguspt.dll
C:\WINDOWS\system32\xacguspt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxyxuut.dll
C:\WINDOWS\system32\xxyxuut.dll Has been deleted!

Performing Repairs to the registry.
Done!



and the new HijackThis report gives:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:41:05, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Catherine\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {437C057F-FE17-4CAC-B502-2DD1FED4D15C} - C:\WINDOWS\system32\awvvs.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\igrkiuvn.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\xacguspt.dll",realset
O4 - HKLM\..\Run: [j6251131] rundll32 C:\WINDOWS\system32\j6251131.dll sook
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E81915DA-96C5-4D9E-A82A-AB24AD36595C}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bw+0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 21460 bytes

Reply to paikan@IDN

Download ComboFix <~ Click here

Save it to your Desktop

Double-click combofix.exe (the .exe may not be shown)

To start, press the Y key, then wait for the scan to finish

A report is generated; copy/paste it into your reply

You can also find this report here: C:\Combofix.txt
And a new HijackThis


Message edited by Eric_71 on 09-06-2007 at 09:40:22
------------------------------
- How to fix with HiJackThis -
- Safe Mode -
Reply to Eric_71

For ComboFix, here it is:

"Catherine" - 2007-06-09 9:46:39 Service Pack 2 NTFS
ComboFix 07-06-3B - Running from: "C:\Documents and Settings\Catherine\Bureau\"


((((((((((((((((((((((((( Files Created from 2007-05-09 to 2007-06-09 )))))))))))))))))))))))))))))))


2007-06-09 09:29 <REP> d-------- C:\VundoFix Backups
2007-06-08 12:24 58,420 --a------ C:\WINDOWS\system32\igrkiuvn.dll
2007-06-07 15:06 95,872 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-06-07 15:06 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-06-07 15:06 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-06-07 15:06 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-06-07 15:06 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-06-07 15:06 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-06-07 15:05 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-06-07 12:24 55,316 --a------ C:\WINDOWS\system32\tddlkwjg.dll
2007-06-07 11:13 <REP> d-------- C:\Program Files\Dofus
2007-06-06 22:59 <REP> d-------- C:\WINDOWS\pss
2007-06-06 00:06 14,868 --a------ C:\WINDOWS\system32\dslyrsfr.exe
2007-06-06 00:06 10,752 --a------ C:\WINDOWS\system32\j6251131.dll
2007-06-05 00:07 2,580 --a------ C:\WINDOWS\system32\fsprsfwd.exe
2007-06-04 00:09 2,580 --a------ C:\WINDOWS\system32\smgwjylm.exe
2007-06-03 00:10 2,580 --a------ C:\WINDOWS\system32\dfptrvik.exe
2007-06-02 00:11 2,580 --a------ C:\WINDOWS\system32\brdvglim.exe
2007-05-23 10:38 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-05-23 10:38 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-05-23 10:38 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-05-23 10:38 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-05-23 10:38 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-05-23 10:38 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-05-23 10:38 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-05-23 10:38 10,752 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-05-23 10:38 1,565,480 --a------ C:\WINDOWS\system32\wmv9vcm.dll
2007-05-23 10:38 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-05-23 10:38 <REP> d-------- C:\Program Files\K-Lite Codec Pack


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2147-05-20 18:16:40 48,616 ----a-w C:\WINDOWS\system32\perfc00C.dat
2147-05-20 18:16:40 367,658 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-06-09 07:37:30 -------- d-----w C:\Program Files\Wanadoo
2007-06-06 07:12:28 -------- d-----w C:\Program Files\PartyGaming
2007-06-04 09:40:40 -------- d-----w C:\DOCUME~1\CATHER~1\APPLIC~1\BitTorrent
2007-04-23 12:46:22 682,232 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-04-20 08:34:32 -------- d-----w C:\Program Files\Alcohol Soft
2007-04-20 08:30:08 -------- d-----w C:\Program Files\iPod
2007-04-20 08:29:25 -------- d-----w C:\Program Files\DofusCalc
2007-04-20 08:28:39 -------- d-----w C:\Program Files\SlySoft
2007-04-19 14:01:43 -------- d-----w C:\DOCUME~1\CATHER~1\APPLIC~1\AdobeUM
2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-11 09:24:46 -------- d-----w C:\DOCUME~1\CATHER~1\APPLIC~1\Skype
2007-04-10 23:25:09 -------- d-----w C:\Program Files\MSXML 4.0
2007-04-10 11:18:25 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-04-10 11:04:57 -------- d-----w C:\Program Files\eBay
2007-04-09 16:19:24 -------- d-----w C:\Program Files\Skype
2007-04-09 16:06:08 -------- d-----w C:\Program Files\Fichiers communs\Skype
2007-04-09 07:44:00 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
2007-04-09 07:43:54 -------- d-----w C:\Program Files\Logitech
2007-04-09 07:42:28 -------- d-----w C:\Program Files\Fichiers communs\Logitech
2007-03-29 15:50:10 49,152 ----a-r C:\WINDOWS\system32\inetwh32.dll
2007-03-29 15:50:10 1,044,480 ----a-r C:\WINDOWS\system32\roboex32.dll
2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{437C057F-FE17-4CAC-B502-2DD1FED4D15C}=C:\WINDOWS\system32\awvvs.dll []
{53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 02:04]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{E12BFF69-38A7-406e-A8EF-2738107A7831}=C:\WINDOWS\system32\igrkiuvn.dll [2007-06-08 12:24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2006-01-24 12:15 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 08:27 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 C:\WINDOWS\SkyTel.exe]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 12:43 C:\WINDOWS\Alcmtr.exe]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 23:48]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 09:46]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 10:34]
"LVCOMSX"="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-06-26 10:33]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-09 09:44]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"Pml Driver HPZ12"=3 (0x3)
"NVSvc"=2 (0x2)
"LVSrvLauncher"=2 (0x2)
"LVPrcSrv"=2 (0x2)
"iPod Service"=3 (0x3)
"FTRTSVC"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Usnsvc usnsvc

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*


Contents of the 'Scheduled Tasks' folder
2007-05-14 05:27:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2147-05-20 15:43:38 C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1173371295.job

**************************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-09 09:48:22
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-09 9:49:01

--- E O F ---

and the 3rd HijackThis:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:50:56, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Catherine\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {437C057F-FE17-4CAC-B502-2DD1FED4D15C} - C:\WINDOWS\system32\awvvs.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\igrkiuvn.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E81915DA-96C5-4D9E-A82A-AB24AD36595C}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bw+0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 20880 bytes

Reply to paikan@IDN


Delete your version of HijackThis and download this version:

http://www.merijn.org/files/hijackthis.zip

Launch the program, click "Do a system scan and save a logfile"

Copy/paste the generated report

------------------------------
- How to Fix with HijackThis -
- Safe Mode -
Reply to Eric_71

And that makes 4: (did I have a bad version of HijackThis?)

Logfile of HijackThis v1.99.1
Scan saved at 10:00:08, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\Catherine\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {437C057F-FE17-4CAC-B502-2DD1FED4D15C} - C:\WINDOWS\system32\awvvs.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\igrkiuvn.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{E81915DA-96C5-4D9E-A82A-AB24AD36595C}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bw+0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)



Reply to paikan@IDN

Quote:

did I have a bad version of HijackThis?


HijackThis v2.0.0 (BETA) <~ BETA version, less reliable

Run VundoFix again

This time, do not click on Scan for a vundo
Right-click in the middle of the window, then click Add more files?

Copy/paste the files below (one per box):
(here there is only one, so a single box)

Quote:

C:\WINDOWS\system32\igrkiuvn.dll



Then click Add files, then Close Windows
and finally Remove Vundo; you should see the files appear in the window

If it asks for a restart, accept it

Post the VundoFix report
and a new HijackThis report

------------------------------
- How to Fix with HijackThis -
- Safe Mode -
Reply to Eric_71
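One way to triage the O2 (Browser Helper Object) lines of the 10:00:08 log above, as an added example that is not part of any post in this thread. The rule it applies (an unnamed BHO whose DLL sits directly in C:\WINDOWS\system32) is an assumption chosen because it singles out the DLL passed to VundoFix here; the helper does not state the rule, and the names `parse_bhos` and `triage` are hypothetical.

```python
import ntpath
import re
from dataclasses import dataclass

# O2 lines (plus one O4 line) copied from the 10:00:08 HijackThis log in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {437C057F-FE17-4CAC-B502-2DD1FED4D15C} - C:\WINDOWS\system32\awvvs.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\igrkiuvn.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
"""

# "O2 - BHO: <name> - {CLSID} - <dll path>[ (file missing)]"
O2_LINE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - "
    r"(?P<path>.+?)(?P<missing> \(file missing\))?$"
)
SYSTEM32 = r"c:\windows\system32"


@dataclass(frozen=True)
class Bho:
    name: str
    clsid: str
    path: str
    file_missing: bool


def parse_bhos(log_text):
    """Return every O2 - BHO entry found in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        m = O2_LINE.match(line.strip())
        if m:
            entries.append(
                Bho(m["name"], m["clsid"], m["path"], m["missing"] is not None)
            )
    return entries


def triage(log_text):
    """Flag unnamed BHOs whose DLL lives directly in system32 (assumed rule).

    "file present"   -> the DLL is still on disk and needs removing.
    "orphaned entry" -> only the registry entry is left; the DLL is gone.
    """
    findings = []
    for bho in parse_bhos(log_text):
        unnamed = bho.name == "(no name)"
        # ntpath handles Windows paths on any OS the script runs on.
        in_system32 = ntpath.dirname(bho.path).lower() == SYSTEM32
        if unnamed and in_system32:
            status = "orphaned entry" if bho.file_missing else "file present"
            findings.append((bho.path, status))
    return findings


if __name__ == "__main__":
    for path, status in triage(SAMPLE_LOG):
        print(f"{status:15} {path}")
```

Running the same function on the log posted after the removal tool has run shows whether an entry has moved from "file present" to "orphaned entry", which is the point at which the leftover O2 line can be fixed in HijackThis.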

The new Vundo finds nothing at all (yay? :wahoo: )



and the 5th HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 10:14:09, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Catherine\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {437C057F-FE17-4CAC-B502-2DD1FED4D15C} - C:\WINDOWS\system32\awvvs.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\igrkiuvn.dll (file missing)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{E81915DA-96C5-4D9E-A82A-AB24AD36595C}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

*says a prayer that the threat has been eradicated*

Reply to paikan@IDN


This time it's out :lol: , let's finish it off ;)

--------------------------------------------------------------------------------

Run Hijackthis again, this time click do a system scan only,
and tick the boxes on the left for the following lines (and only these):

O2 - BHO: (no name) - {437C057F-FE17-4CAC-B502-2DD1FED4D15C} - C:\WINDOWS\system32\awvvs.dll (file missing)
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\igrkiuvn.dll (file missing)


and click Fix checked (bottom left)

Download clean <~ Click here

Unzip it onto your desktop (extract all files); you get a clean folder

Open the clean folder, double-click clean.cmd, choose option 1, then wait

A report is generated

Post the Clean report
and a new Hijackthis

------------------------------ - How to fix with HiJackThis -
- Safe Mode -
Reply to Eric_71
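An added illustration, not part of the thread and not code from HijackThis or its authors: a small Python parser for the v1.99.1 log format posted above that lists the O2 BHO entries whose DLL is reported as "(file missing)", which are the two lines selected for Fix checked. The function names are assumptions of this example; the sample lines are copied from the 5th log, where "(file missing)" also appears on O9 and O23 lines that were not selected.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Dict, Iterator, List, Tuple

# Sample lines copied from the 5th HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {437C057F-FE17-4CAC-B502-2DD1FED4D15C} - C:\WINDOWS\system32\awvvs.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\igrkiuvn.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
"""

# "<section> - <body>", e.g. "O2 - BHO: ..." or "R0 - HKCU\...".
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")

# Body of an O2 line: "BHO: <name> - {CLSID} - <path>[ (file missing)]".
BHO_RE = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - "
    r"(?P<path>.+?)(?P<missing> \(file missing\))?$"
)

MISSING_MARK = "(file missing)"


@dataclass
class Bho:
    name: str
    clsid: str
    path: str
    file_missing: bool


def iter_entries(log: str) -> Iterator[Tuple[str, str]]:
    """Yield (section, body) for every line that looks like a log entry."""
    for raw in log.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            yield match.group("section"), match.group("body")


def parse_bhos(log: str) -> List[Bho]:
    """Parse every O2 (Browser Helper Object) entry in the log."""
    bhos = []
    for section, body in iter_entries(log):
        if section != "O2":
            continue
        match = BHO_RE.match(body)
        if match:
            bhos.append(Bho(
                name=match.group("name"),
                clsid=match.group("clsid"),
                path=match.group("path"),
                file_missing=match.group("missing") is not None,
            ))
    return bhos


def orphaned_bhos(log: str) -> List[Bho]:
    """O2 entries whose registry key remains but whose DLL is gone."""
    return [bho for bho in parse_bhos(log) if bho.file_missing]


def missing_by_section(log: str) -> Dict[str, int]:
    """Count "(file missing)" marks per section, to show that the mark
    alone does not decide which lines get fixed."""
    counts = Counter(
        section for section, body in iter_entries(log) if MISSING_MARK in body
    )
    return dict(counts)


if __name__ == "__main__":
    for bho in orphaned_bhos(SAMPLE_LOG):
        print(f"orphaned BHO {bho.clsid} -> {bho.path}")
    print("file-missing marks per section:", missing_by_section(SAMPLE_LOG))
```
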

09/06/2007 a 10:36:35,18

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\PartyGaming\" FOUND
*** Fin du rapport !


and the 6th Hijack:

Logfile of HijackThis v1.99.1
Scan saved at 10:37:45, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Catherine\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{E81915DA-96C5-4D9E-A82A-AB24AD36595C}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

Reply to paikan@IDN

Vundo is taken care of :)
Now we'll do a thorough cleanup.

----------------------------------------------------------------------------------

!! Print this page, because you won't have internet access during the procedure !!

Download CCleaner <~ Click here
Download AVG Anti-Spyware <~ Click here

Install the updates, but don't launch the scan right away.

Restart in safe mode (Start / Restart / tap F8 repeatedly until the menu appears / use the arrow keys to move up to Safe Mode / choose your session)

Open the clean folder and double-click clean.cmd
Choose option 2 and wait for the scan to finish

Now launch CCleaner

Click Analyze (bottom left); once it has finished, click Run Cleaner
Click Issues (top left), then Scan for Issues, and finally Fix selected issues (fix all the issues)

Close CCleaner

Launch AVG Anti-Spyware

Choose the Scan tab, then the Settings tab
Under the question How to react?, click Recommended actions and choose Quarantine
Click the Scan tab again, then run Complete System Scan

At the end of the scan, if a file is infected, click Apply all actions

Click Save report, then Save report as (save it to your Desktop)

Restart normally

Post the AVG report,
the clean report: C:\rapport clean.txt
and a new HijackThis report


Message edited by Eric_71 on 09-06-2007 at 10:43:29
------------------------------
- How to fix with HijackThis -
- Safe Mode -
Reply to Eric_71

Well, that took a while, sorry, and on top of that it was impossible to launch AVG in safe mode (the report is from normal mode)

Here are the results:

Clean:

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 09/06/2007 a 11:02:16,70

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\mcrh.tmp

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\PartyGaming\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !


Avg:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 11:35:32 09/06/2007

+ Résultat de l'analyse:



C:\System Volume Information\_restore{49D3F715-10CC-476A-A896-D3C59F35E24A}\RP190\A0029811.dll -> Adware.Virtumonde : Nettoyé.
C:\VundoFix Backups\xxyxuut.dll.bad -> Adware.Virtumonde : Nettoyé.
C:\WINDOWS\system32\j6251131.dll -> Hijacker.Small.mw : Nettoyé.
:mozilla.215:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.375:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.376:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.424:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.668:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.698:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.712:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.324:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.325:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.208:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.209:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.210:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.211:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.212:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.479:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.480:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.481:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.482:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.484:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.234:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.235:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.15:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.16:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.17:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.18:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.19:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.435:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.144:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Julien\Cookies\julien@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.68:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.611:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.612:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.503:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.64:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.50:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.51:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.52:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.29:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Julien\Cookies\julien@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.59:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.112:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.113:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.114:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.115:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.116:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.311:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.312:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.313:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.314:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.315:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.394:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.490:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.454:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.458:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.459:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.467:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.626:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.685:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Hitslink : Nettoyé.
:mozilla.94:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.95:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.672:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
:mozilla.336:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.337:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Julien\Cookies\julien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.708:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.541:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.542:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.223:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.263:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.154:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.386:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.387:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.388:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.389:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.613:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.614:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.574:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.575:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.578:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.579:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.580:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.581:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.582:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.671:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.475:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.476:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.477:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.478:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.395:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.396:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.397:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.398:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.399:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.400:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Julien\Cookies\julien@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Julien\Cookies\julien@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.373:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.441:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.442:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.10:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.11:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.12:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.13:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Julien\Cookies\julien@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.390:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.391:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.392:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.629:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Toplist : Nettoyé.
:mozilla.7:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.8:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.9:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.697:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.623:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.41:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.42:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.44:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.45:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Julien\Cookies\julien@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.556:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.368:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.118:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.119:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.120:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.121:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.122:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.123:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.128:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.483:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.485:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.486:C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\rh2yup4t.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
C:\WINDOWS\system32\brdvglim.exe -> Trojan.Agent.anr : Nettoyé.
C:\WINDOWS\system32\dfptrvik.exe -> Trojan.Agent.anr : Nettoyé.
C:\WINDOWS\system32\fsprsfwd.exe -> Trojan.Agent.anr : Nettoyé.
C:\WINDOWS\system32\smgwjylm.exe -> Trojan.Agent.anr : Nettoyé.


Fin du rapport

and finally the traditional HijackThis, the 7th of its name:

Logfile of HijackThis v1.99.1
Scan saved at 11:45:47, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Catherine\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{E81915DA-96C5-4D9E-A82A-AB24AD36595C}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {89C2D0B1-6CAA-4F78-81A3-BFDA0452A2A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe


There you go... if virtu is still there, I'm making a thermos of coffee :fou:

Thanks a lot for your help in any case :)

Reply to paikan@IDN

Quote:

There you go... if virtu is still there, I'm making a thermos of coffee :fou:


Don't worry, it is no longer present :)

Do you have any questions?

------------------------------
- How to Fix with HijackThis -
- Safe Mode -
Reply to Eric_71

Yes, just one:

It has been around for about 2 years, hasn't it? What makes it so powerful and persistent that no antivirus (well, not most of them...) manages to block it???

And again, a thousand thanks for your help :) :) :) :) :) :) :) :)

Reply to paikan@IDN


Quoting Malekal

Quote:

Trojan.Vundo is a component of an adware program that downloads and displays advertising pop-ups. It is known to be installed from websites received through spam emails.


Each time it is attacked, it is able to change its name and move itself.
In some cases it is very hard to remove, since it changes faster than the software updates and is therefore not always recognized by them.

All the best ;)

Reply to Eric_71
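
The last answer says the file renames itself faster than signatures are updated. As an added example (not part of the original thread), the sketch below compares HijackThis logs by autostart slot rather than by file name, so a renamed file still shows up. The `example-*.dll` entries and the zeroed CLSID are constructed placeholders, the baseline lines are copied from the clean log above, and the function names are hypothetical.

```python
import re

# HijackThis sections that describe autostart / extension points.
AUTOSTART = {"O2", "O4", "O20", "O21", "O23"}
LINE = re.compile(r"^(O\d+) - (.*)$")

def split_entry(section, rest):
    """Split one entry into (slot, target): where it is registered vs. what it loads."""
    if section == "O4":
        m = re.match(r"(.*?\]) (.*)$", rest) or re.match(r"(.*?) = (.*)$", rest)
        return (m.group(1), m.group(2)) if m else (rest, "")
    slot, sep, target = rest.rpartition(" - ")
    return (slot, target) if sep else (rest, "")

def parse(log):
    """Return {(section, slot): target} for the autostart entries of a log."""
    entries = {}
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if m and m.group(1) in AUTOSTART:
            slot, target = split_entry(m.group(1), m.group(2))
            entries[(m.group(1), slot)] = target
    return entries

def diff(baseline, current):
    """List slots that are new, or whose target changed, relative to the baseline."""
    base, cur = parse(baseline), parse(current)
    findings = []
    for (section, slot), target in sorted(cur.items()):
        if (section, slot) not in base:
            findings.append(("new", section, slot, target))
        elif base[(section, slot)].lower() != target.lower():
            findings.append(("changed", section, slot, target))
    return findings

def name_hits(log, known_names):
    """Name-based matching, for contrast: count lines containing a known file name."""
    names = [n.lower() for n in known_names]
    return sum(any(n in line.lower() for n in names) for line in log.splitlines())

# Baseline: three lines taken from the clean log posted in this thread.
BASELINE = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
"""
# Constructed scans: the same placeholder DLL under two different names.
SCAN_1 = BASELINE + r"""
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\WINDOWS\system32\example-aaa.dll
O20 - Winlogon Notify: example-aaa - C:\WINDOWS\system32\example-aaa.dll
"""
SCAN_2 = BASELINE + r"""
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\WINDOWS\system32\example-bbb.dll
O20 - Winlogon Notify: example-bbb - C:\WINDOWS\system32\example-bbb.dll
"""

if __name__ == "__main__":
    print("name match on scan 2:", name_hits(SCAN_2, ["example-aaa.dll"]))
    for finding in diff(BASELINE, SCAN_2):
        print(finding)
```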