The discussion "I'm fed up with ads!" is in the forum "Viruses, trojans, etc."
Discussion status: "I'm fed up with ads!" (resolved)

I'm fed up with ads!

On 24-03-2007 at 12:14 #

Do a HijackThis report again.

On 24-03-2007 at 12:18 #

How do you do that again?


Added on 24-03-2007 at 17:26:

I don't remember how to do it anymore.

On 24-03-2007 at 17:34 #

You could have looked at the 1st page (or the 2nd), since you have already made a report.

Otherwise:
Download to the desktop
Hijackthis
= right-click on it ==> Rename ==> type: test.exe (in place of hijackthis.exe) <== Important
= Double-click on it
= Click: I accept
= Click Do a system scan and save the log
= copy the report and paste it into your reply

On 24-03-2007 at 17:56 #

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:58:17, on 24/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\NudgeMania\NudgeMania.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Odebit Multimédia\V2\Odebit.exe
C:\Program Files\Lyad Messenger\lyad_messenger.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\APO Usb Autorun\usb_autorun.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wisptis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jpierre\Mes documents\text.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nouvelobs.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {7B50A795-141A-862B-FB57-155F47B787CA} - C:\WINDOWS\bbcnspwr.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchEnhancer\nsp338.dll (file missing)
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AE8E2148-69A6-70FE-48FB-2C9CCC395FE0} - C:\WINDOWS\bbcnspwr.dll (file missing)
O2 - BHO: SST - {FFFFDA2C-A0D5-4D60-8EE1-1B7F8929E24D} - C:\Program Files\Lycos\sst.dll (file missing)
O3 - Toolbar: Search - {4A19D5FE-1765-92FF-F846-5733D1551550} - C:\WINDOWS\bbcnspwr.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NUDGEMANIA] C:\Program Files\NudgeMania\NudgeMania.exe
O4 - HKLM\..\Run: [drv soap axis road] C:\Documents and Settings\All Users.WINDOWS\Application Data\Mp3 time drv soap\Buildford.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Odebit Multimedia V3] C:\Program Files\Odebit Multimédia\V2\Odebit.exe
O4 - HKCU\..\Run: [Odebit Multimedia V3 - Services] C:\Program Files\Odebit Multimédia\V2\Odebit.exe /info
O4 - HKCU\..\Run: [Lyad] C:\Program Files\Lyad Messenger\lyad_messenger.exe autostart
O4 - HKCU\..\Run: [Size Active] C:\DOCUME~1\jpierre\APPLIC~1\DVDKEE~1\softwaremeal.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: APO Usb Autorun.lnk = C:\Program Files\APO Usb Autorun\usb_autorun.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\res\DealioSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A4194AD-C649-4F82-A9B6-3642D5056BF6}: NameServer = 85.255.115.38 85.255.112.103
O18 - Protocol: bw+0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F5B33FD3-C1A2-4BC8-8A04-D3B875964990} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 22826 bytes

On 24-03-2007 at 18:38 #

Run HijackThis again
Click on
"Do a System Scan Only"
tick these lines and then click: Fix Checked

R3 - URLSearchHook: (no name) - {7B50A795-141A-862B-FB57-155F47B787CA} - C:\WINDOWS\bbcnspwr.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchEnhancer\nsp338.dll (file missing)
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: (no name) - {AE8E2148-69A6-70FE-48FB-2C9CCC395FE0} - C:\WINDOWS\bbcnspwr.dll (file missing)
O2 - BHO: SST - {FFFFDA2C-A0D5-4D60-8EE1-1B7F8929E24D} - C:\Program Files\Lycos\sst.dll (file missing)
O3 - Toolbar: Search - {4A19D5FE-1765-92FF-F846-5733D1551550} - C:\WINDOWS\bbcnspwr.dll (file missing)
-------------
then

Download

NoLop.exe
= Close all programs
= Double-click on NoLop
= Click on Search and Destroy
= At the end of the scan, if an infection is found
==> a message asks whether you want to restart ==> OK
= Click REBOOT
= A message appears at restart
= a report in C:\NoLop.log ==> copy/paste it into your reply

then delete this report from C:
and "delete" (gear-wheel symbol)
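
Added example, not part of the thread and not HijackThis code: the seven lines ticked in the post above are all R3/O2/O3 entries that HijackThis marked "(file missing)" or "(no file)". The Python sketch below parses a subset of the log posted earlier and reproduces that selection; the function names and the restriction to R3/O2/O3 are assumptions chosen to match the helper's list.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional

# Sample input: lines copied from the HijackThis log posted in this thread
# (a subset, assembled here so the example runs offline).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:58:17, on 24/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nouvelobs.com/
R3 - URLSearchHook: (no name) - {7B50A795-141A-862B-FB57-155F47B787CA} - C:\WINDOWS\bbcnspwr.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchEnhancer\nsp338.dll (file missing)
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AE8E2148-69A6-70FE-48FB-2C9CCC395FE0} - C:\WINDOWS\bbcnspwr.dll (file missing)
O2 - BHO: SST - {FFFFDA2C-A0D5-4D60-8EE1-1B7F8929E24D} - C:\Program Files\Lycos\sst.dll (file missing)
O3 - Toolbar: Search - {4A19D5FE-1765-92FF-F846-5733D1551550} - C:\WINDOWS\bbcnspwr.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
"""

# "R3 - ...", "O2 - ...", "O23 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Marker HijackThis appends when the registered file is not on disk.
ORPHAN_RE = re.compile(r"\s*\((?:file missing|no file)\)\s*$")

# Assumption: only the browser-hook sections the helper ticked in this thread.
BROWSER_HOOK_CODES = {"R3", "O2", "O3"}


@dataclass
class Entry:
    code: str               # section code, e.g. "O2"
    body: str               # everything after "CODE - "
    clsid: Optional[str]    # CLSID carried by the line, if any
    target: Optional[str]   # file named after the CLSID, if any
    orphaned: bool          # True for "(file missing)" / "(no file)"


def parse_entries(log: str) -> List[Entry]:
    """Turn the entry lines of a HijackThis log into Entry records."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header, process list, blank line
        body = m.group("body")
        orphan = ORPHAN_RE.search(body)
        rest = body[:orphan.start()].rstrip() if orphan else body
        clsid = CLSID_RE.search(rest)
        target = None
        if clsid:
            # What follows "{CLSID} - " is the file path (may be empty).
            target = rest[clsid.end():].lstrip(" -").strip() or None
        entries.append(Entry(m.group("code"), body,
                             clsid.group(0) if clsid else None,
                             target, orphan is not None))
    return entries


def orphaned_browser_hooks(entries: List[Entry]) -> List[Entry]:
    """R3/O2/O3 registrations whose file is gone: leftovers to review."""
    return [e for e in entries if e.orphaned and e.code in BROWSER_HOOK_CODES]


def shared_missing_targets(entries: List[Entry]) -> Dict[str, List[str]]:
    """Missing files registered under more than one hook (case-insensitive)."""
    by_target = defaultdict(list)
    for e in entries:
        if e.orphaned and e.target:
            by_target[e.target.lower()].append(e.code)
    return {t: codes for t, codes in by_target.items() if len(codes) > 1}


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for e in orphaned_browser_hooks(parsed):
        print(f"{e.code} - {e.body}")
    for path, codes in shared_missing_targets(parsed).items():
        print(f"{path} is registered under: {', '.join(codes)}")
```
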

On 24-03-2007 at 18:47 #

What do you mean by "delete"?


Added on 24-03-2007 at 19:19:

NoLop! Log by Skate_Punk_21

Fix running from: C:\Documents and Settings\jpierre\Mes documents
[24/03/2007]
[19:12:15]

---Infection Files Found/Removed---
C:\WINDOWS\tasks\B010D59F931B45BB.job

Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**

---Listing AppData sub directories---

C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Ahead
C:\Documents and Settings\All Users\Application Data\Hp
C:\Documents and Settings\All Users\Application Data\Macrovision
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Quicktime
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\Trans Coal Byte Dupe
C:\Documents and Settings\All Users\Application Data\Trymedia
C:\Documents and Settings\All Users.windows\Application Data\Adobe
C:\Documents and Settings\All Users.windows\Application Data\Ahead
C:\Documents and Settings\All Users.windows\Application Data\Apple Computer
C:\Documents and Settings\All Users.windows\Application Data\Boonty
C:\Documents and Settings\All Users.windows\Application Data\Google
C:\Documents and Settings\All Users.windows\Application Data\Macrovision
C:\Documents and Settings\All Users.windows\Application Data\Messenger Plus!
C:\Documents and Settings\All Users.windows\Application Data\Microsoft
C:\Documents and Settings\All Users.windows\Application Data\Mp3 Time Drv Soap
C:\Documents and Settings\All Users.windows\Application Data\Nview_profiles -- EMPTY Directory
C:\Documents and Settings\All Users.windows\Application Data\Office Genuine Advantage
C:\Documents and Settings\All Users.windows\Application Data\Symantec
C:\Documents and Settings\All Users.windows\Application Data\Ulead Systems
C:\Documents and Settings\All Users.windows\Application Data\Windows Genuine Advantage
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User.windows\Application Data\Microsoft
C:\Documents and Settings\Jpierre\Application Data\Acd Systems
C:\Documents and Settings\Jpierre\Application Data\Achrafcherti
C:\Documents and Settings\Jpierre\Application Data\Adobe
C:\Documents and Settings\Jpierre\Application Data\Adobeaum
C:\Documents and Settings\Jpierre\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Jpierre\Application Data\Ahead
C:\Documents and Settings\Jpierre\Application Data\Apple Computer
C:\Documents and Settings\Jpierre\Application Data\Azureus
C:\Documents and Settings\Jpierre\Application Data\Bittorrent
C:\Documents and Settings\Jpierre\Application Data\Divx
C:\Documents and Settings\Jpierre\Application Data\Dvd Keep
C:\Documents and Settings\Jpierre\Application Data\Eorezo
C:\Documents and Settings\Jpierre\Application Data\Fotowire
C:\Documents and Settings\Jpierre\Application Data\Frostwire
C:\Documents and Settings\Jpierre\Application Data\Google
C:\Documents and Settings\Jpierre\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Jpierre\Application Data\Hp
C:\Documents and Settings\Jpierre\Application Data\Identities
C:\Documents and Settings\Jpierre\Application Data\Internet Download Accelerator
C:\Documents and Settings\Jpierre\Application Data\Intervideo
C:\Documents and Settings\Jpierre\Application Data\Irfanview
C:\Documents and Settings\Jpierre\Application Data\Kazaa Lite
C:\Documents and Settings\Jpierre\Application Data\Leadertech
C:\Documents and Settings\Jpierre\Application Data\Macromedia
C:\Documents and Settings\Jpierre\Application Data\Media Player Classic
C:\Documents and Settings\Jpierre\Application Data\Microsoft
C:\Documents and Settings\Jpierre\Application Data\Mozilla
C:\Documents and Settings\Jpierre\Application Data\Msninstaller
C:\Documents and Settings\Jpierre\Application Data\Netscape
C:\Documents and Settings\Jpierre\Application Data\Openoffice.org2
C:\Documents and Settings\Jpierre\Application Data\Podmailer
C:\Documents and Settings\Jpierre\Application Data\Real
C:\Documents and Settings\Jpierre\Application Data\Screenshot Sender
C:\Documents and Settings\Jpierre\Application Data\Slysoft
C:\Documents and Settings\Jpierre\Application Data\Sun
C:\Documents and Settings\Jpierre\Application Data\Symantec
C:\Documents and Settings\Jpierre\Application Data\Systemdoctor 2006 Free
C:\Documents and Settings\Jpierre\Application Data\Vlc
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Localservice.autorite Nt\Application Data\Microsoft
C:\Documents and Settings\Localservice.autorite Nt.000\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Symantec
C:\Documents and Settings\Networkservice.autorite Nt\Application Data\Microsoft
C:\Documents and Settings\Networkservice.autorite Nt.000\Application Data\Microsoft
C:\Documents and Settings\Networkservice.autorite Nt.000\Application Data\Symantec

On 30-03-2007 at 18:51 #

NoLop! Log by Skate_Punk_21

Fix running from: C:\Documents and Settings\jpierre\Mes documents
[24/03/2007]
[19:12:15]

---Infection Files Found/Removed---
C:\WINDOWS\tasks\B010D59F931B45BB.job

Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**

---Listing AppData sub directories---

C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Ahead
C:\Documents and Settings\All Users\Application Data\Hp
C:\Documents and Settings\All Users\Application Data\Macrovision
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Quicktime
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\Trans Coal Byte Dupe
C:\Documents and Settings\All Users\Application Data\Trymedia
C:\Documents and Settings\All Users.windows\Application Data\Adobe
C:\Documents and Settings\All Users.windows\Application Data\Ahead
C:\Documents and Settings\All Users.windows\Application Data\Apple Computer
C:\Documents and Settings\All Users.windows\Application Data\Boonty
C:\Documents and Settings\All Users.windows\Application Data\Google
C:\Documents and Settings\All Users.windows\Application Data\Macrovision
C:\Documents and Settings\All Users.windows\Application Data\Messenger Plus!
C:\Documents and Settings\All Users.windows\Application Data\Microsoft
C:\Documents and Settings\All Users.windows\Application Data\Mp3 Time Drv Soap
C:\Documents and Settings\All Users.windows\Application Data\Nview_profiles -- EMPTY Directory
C:\Documents and Settings\All Users.windows\Application Data\Office Genuine Advantage
C:\Documents and Settings\All Users.windows\Application Data\Symantec
C:\Documents and Settings\All Users.windows\Application Data\Ulead Systems
C:\Documents and Settings\All Users.windows\Application Data\Windows Genuine Advantage
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User.windows\Application Data\Microsoft
C:\Documents and Settings\Jpierre\Application Data\Acd Systems
C:\Documents and Settings\Jpierre\Application Data\Achrafcherti
C:\Documents and Settings\Jpierre\Application Data\Adobe
C:\Documents and Settings\Jpierre\Application Data\Adobeaum
C:\Documents and Settings\Jpierre\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Jpierre\Application Data\Ahead
C:\Documents and Settings\Jpierre\Application Data\Apple Computer
C:\Documents and Settings\Jpierre\Application Data\Azureus
C:\Documents and Settings\Jpierre\Application Data\Bittorrent
C:\Documents and Settings\Jpierre\Application Data\Divx
C:\Documents and Settings\Jpierre\Application Data\Dvd Keep
C:\Documents and Settings\Jpierre\Application Data\Eorezo
C:\Documents and Settings\Jpierre\Application Data\Fotowire
C:\Documents and Settings\Jpierre\Application Data\Frostwire
C:\Documents and Settings\Jpierre\Application Data\Google
C:\Documents and Settings\Jpierre\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Jpierre\Application Data\Hp
C:\Documents and Settings\Jpierre\Application Data\Identities
C:\Documents and Settings\Jpierre\Application Data\Internet Download Accelerator
C:\Documents and Settings\Jpierre\Application Data\Intervideo
C:\Documents and Settings\Jpierre\Application Data\Irfanview
C:\Documents and Settings\Jpierre\Application Data\Kazaa Lite
C:\Documents and Settings\Jpierre\Application Data\Leadertech
C:\Documents and Settings\Jpierre\Application Data\Macromedia
C:\Documents and Settings\Jpierre\Application Data\Media Player Classic
C:\Documents and Settings\Jpierre\Application Data\Microsoft
C:\Documents and Settings\Jpierre\Application Data\Mozilla
C:\Documents and Settings\Jpierre\Application Data\Msninstaller
C:\Documents and Settings\Jpierre\Application Data\Netscape
C:\Documents and Settings\Jpierre\Application Data\Openoffice.org2
C:\Documents and Settings\Jpierre\Application Data\Podmailer
C:\Documents and Settings\Jpierre\Application Data\Real
C:\Documents and Settings\Jpierre\Application Data\Screenshot Sender
C:\Documents and Settings\Jpierre\Application Data\Slysoft
C:\Documents and Settings\Jpierre\Application Data\Sun
C:\Documents and Settings\Jpierre\Application Data\Symantec
C:\Documents and Settings\Jpierre\Application Data\Systemdoctor 2006 Free
C:\Documents and Settings\Jpierre\Application Data\Vlc
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Localservice.autorite Nt\Application Data\Microsoft
C:\Documents and Settings\Localservice.autorite Nt.000\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Symantec
C:\Documents and Settings\Networkservice.autorite Nt\Application Data\Microsoft
C:\Documents and Settings\Networkservice.autorite Nt.000\Application Data\Microsoft
C:\Documents and Settings\Networkservice.autorite Nt.000\Application Data\Symantec



OK, so what do I do now?
Unless otherwise stated, the content of the blog and the forum is licensed under Creative Commons By-Sa. You may reproduce it provided that you credit the author, link to the original page, and share your derivative works under the same conditions.