Infecté par registry cleanerRésolu/Fermé

Question

Bonjour a tous,

J'ai ete infecté par un "registry cleaner" et j'ai tout essayé(ce que mes connaissances me permettent...) spybot en normale et en mode sans echec, avast antivirus, etc...

Apres m'etre pas mal renseigné sur le sujet, il apparait que le seul moyen sur est de faire parvenir un log hijackthis sur forum.

J'espere ne pas paraitre "culoté" en venant expres sur ce forum pour que l'on me repare mes petits problemes, mais jespere que quelqu'un sera sympa et prendra un moment pour me dire ce kil en ait de mon soucis, parce que pour moi le hijackthis, ca ne me parle pas franchement, lol.

Voici le rapport obtenu :


Logfile of HijackThis v1.99.1
Scan saved at 17:38:44, on 20/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\utorrent.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32undll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\AVWLPSTA.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\system32\gdmvstat.exe
C:\WINDOWS\system32\systemt4.exe
C:\WINDOWS\system32	cpipmon.exe
C:\WINDOWS\system32
bcvxst.exe
C:\WINDOWS\system32	cpipmon.exe
C:\WINDOWS\system32\winolssx.exe
C:\WINDOWS\system32\ipshaxaa.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\dpimmsl.exe
C:\WINDOWS\system32\blmpwest.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVWLPSTA.EXE] AVWLPSTA.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [kdmmcvs] C:\WINDOWS\system32\gdmvstat.exe
O4 - HKLM\..\Run: [SvcManager] systemt4.exe
O4 - HKLM\..\Run: [tcpipmon] tcpipmon.exe
O4 - HKLM\..\Run: [knddnetd] C:\WINDOWS\system32
bcvxst.exe
O4 - HKLM\..\Run: [cvaptmol] C:\WINDOWS\system32\winolssx.exe
O4 - HKLM\..\Run: [vstartjm] ipshaxaa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [cxmslrs] C:\WINDOWS\system32\dpimmsl.exe
O4 - HKLM\..\Run: [hcinstmdl] C:\WINDOWS\system32\blmpwest.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [kdmmcvs] C:\WINDOWS\system32\gdmvstat.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - 
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) - 
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) - 
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) - 
O17 - HKLM\System\CCS\Services\Tcpip\..\{193CACDA-6AC7-48D2-9FBB-9BE3CC013868}: NameServer = 84.103.237.140 86.64.145.140
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2BCB08E-E062-41E8-9917-15E30C033BD6}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{193CACDA-6AC7-48D2-9FBB-9BE3CC013868}: NameServer = 84.103.237.140 86.64.145.140
O18 - Protocol: bw+0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Microsoft Corporation - Unknown owner - C:\WINDOWS\utorrent.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe



En tout cas merci par avance si on me repond, ce malware est vraiment trop casse c******

Regis59 · Answer

Salut,

Prends connaissance du contenu le lien suivant:
http://www.f-secure.com/products/license-terms/eult_fra.pdf
Tu as donc pris connaissance et accepté les conditions d'utilisations du programme blacklight qui est inclus dans le dossier compressé navilog1.zip que tu vas télécharger.
Maintenant fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.bat
Laisses-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2 sans notre avis/accord)
Patientes jusqu'au message :
*** Analyse Termine le ..... ***
Appuies sur une touche comme demandé, le blocnote va s'ouvrir.
Copies-colles l'intégralité dans une réponse. Refermes le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt) 

A+

loic42 · Answer

Voila, c'est fait! Merci d'avoir pris ma demande!!!
Voici le rapport obtenu:

Search Navipromo version 1.0.7 commencé le 21/03/2007 à 18:34:52,09
 
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Documents and Settings\Lo‹c\Bureau
Mise a jour le 12.03.2007 a 18h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes *** 

 


*** Recherche dossiers dans C:\WINDOWS ***


 

*** Recherche dossiers dans C:\Program Files ***


 

*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***


 

*** Recherche dossiers dans C:\Documents and Settings\Lo‹c\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of April, 2007.
Version information: 2.2.1055.

[+] Started on 03/21/07 at 18:34:57.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items ..........................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 03/21/07 at 18:37:38 (return code = 0).


*** Recherche fichiers *** 




*** Recherche cles registre *** 


Recharche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs] 
 
 

Recharche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage] 
 
 

Recherche Clé Magic Control 
 
 
 
*** Module de recherche complémentaire *** 
(recherche fichiers spécifiques) 
 
1)Recherche fichiers connus:


2)Recherche Heuristique :
* 
** 
*** 
**** 
***** 
****** 
******* 
******** 
 
 
*** Analyse Terminé le 21/03/2007 à 18:38:13,00 ***


c'est grave docteur????lol

Regis59 · Answer

Salut

C'est clean lol

Télécharge ceci: (merci a S!RI pour ce programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Exécute le Smitfraudfix.exe et choisit l’option 1, il va générer un rapport
Copie/colle le sur le poste stp.

A+

loic42 · Answer

salut!
Les reponses sont super rapide, merci!

Voila le nouveau rapport:

SmitFraudFix v2.151

Rapport fait à 21:27:39,43, 21/03/2007
Executé à partir de C:\Documents and Settings\Lo‹c\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\RegistryCleanerSetup.exe PRESENT !
C:\WINDOWS\system32	cpipmon.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Lo‹c


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Lo‹c\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\LOC~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Il fait moins mal a la tete a lire celui la, mais c'est pas encore ca!

Regis59 · Answer

Salut

Lol

:)

Démarre en mode sans échec : 
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter 
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée. 
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal ! 
(Si F8 ne marche pas utilise la touche F5).  
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum

A+

loic42 · Answer

Re salut!

J'ai fais comme tu m'a dis. J'ai pris un petit "coup de chaud" au redemarrage : Je ne pouvais plus me connecter au net....

En fait ce qui c'est passé c'est que j'ai un démarrage propre: je n'ai que l'icone de mon antivirus et du son qui on demarré, ca m'a aussi enlevé mon fond d'ecran, et ca c'est vraiment horrible, lol.

Plus sérieusement, puisque je n'ai que ce qui est essentiel qui ce lance au démarrage.... Je n'ai plus cette immonde icone parasite rouge de registry cleaner!!!!!!!

Peut etre que je crie victoire trop vite alors voila le dernier rapport etablit:

SmitFraudFix v2.151

Rapport fait à  0:27:56,35, 22/03/2007
Executé à partir de C:\Documents and Settings\Lo‹c\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1       localhost


(ici il y avait plus d'espace, je l'ai coupé, je pense pas que cétait important)


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\system32\RegistryCleanerSetup.exe supprimé
C:\WINDOWS\system32	cpipmon.exe supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


Rassure moi... c'est finit??? Mon petit PC est guerit du mechant malware???

En tous les cas je te remercie infiniment du travail que tu as fais pour moi, ce n'est peut etre rien pour toi mais sans ca j'aurais formaté parce que mes competence en informatique ne sont pas orienté sur la securité.

Vraiment c'est super sympas le travail qui est fait ici!

Encore merci, c'est pas que j'en fais trop avec mes remerciements, mais c'est que je suis vraiment content!!!!

loic42 · Answer

....j'ai crié un peu trop vite victoire...

J'avais un autre soucis qui est apparu en meme temps que registry cleaner et je viens de voir que ce probleme est toujours present lorsque j'éteint mon ordi(et je precise de maniere normale).

Avant la phase final ou il s'etint simplement j'ai un bel ecran bleu avec le message suivant:

stop : c0000021a { erreur systme irrecuperable}
le processus systeme windows logon process s'est terminé de facon innattendue avec l'état 0xc000 000 5 (0x000 000 000       0x000 000 000)
Le systeme a ete arreté.

Voila une belle phrase pleine de poesie... Je n'avait pas parlé de ca avant parce que je pensais que ca partirai avec le reste, ... bah je me suis trompé...

A plus

Regis59 · Answer

Salut :)

Remet un hijackthis.

A+

loic42 · Answer

Voila ce que j'ai obtenu:

Logfile of HijackThis v1.99.1
Scan saved at 21:23:21, on 22/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
aSystem32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32undll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\AVWLPSTA.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\system32\gdmvstat.exe
C:\WINDOWS\system32\systemt4.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32
bcvxst.exe
C:\WINDOWS\system32\winolssx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ipshaxaa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\dpimmsl.exe
C:\WINDOWS\system32\blmpwest.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVWLPSTA.EXE] AVWLPSTA.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [kdmmcvs] C:\WINDOWS\system32\gdmvstat.exe
O4 - HKLM\..\Run: [SvcManager] systemt4.exe
O4 - HKLM\..\Run: [knddnetd] C:\WINDOWS\system32
bcvxst.exe
O4 - HKLM\..\Run: [cvaptmol] C:\WINDOWS\system32\winolssx.exe
O4 - HKLM\..\Run: [vstartjm] ipshaxaa.exe
O4 - HKLM\..\Run: [cxmslrs] C:\WINDOWS\system32\dpimmsl.exe
O4 - HKLM\..\Run: [hcinstmdl] C:\WINDOWS\system32\blmpwest.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [kdmmcvs] C:\WINDOWS\system32\gdmvstat.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - 
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) - 
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) - 
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) - 
O17 - HKLM\System\CCS\Services\Tcpip\..\{193CACDA-6AC7-48D2-9FBB-9BE3CC013868}: NameServer = 84.103.237.142 86.64.145.142
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2BCB08E-E062-41E8-9917-15E30C033BD6}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{193CACDA-6AC7-48D2-9FBB-9BE3CC013868}: NameServer = 84.103.237.142 86.64.145.142
O17 - HKLM\System\CS2\Services\Tcpip\..\{193CACDA-6AC7-48D2-9FBB-9BE3CC013868}: NameServer = 84.103.237.145 86.64.145.145
O18 - Protocol: bw+0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

loic42 · Answer

je le dirais jamais assez mais encore merci de te prendre la tete pour moi!

Regis59 · Answer

Bonjour, 

Méthode à suivre dans l'ordre... 
---------------------------------------------------------------------------- 
¤Télécharge ces logiciels mais que tu n‘utilises pas tout de suite: 

1/

Spybot S&D 1.4 
https://www.safer-networking.org/ 

Démo d’utilisation (merci à Balltrap34 pour cette réalisation).
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

2/

Ad-Aware SE 1.06 
https://www.adaware.com/ 
-Une aide:
http://usa.lucretius-ada.com/zcvisitor/8782d344-4821-11ea-83ce-0a2cdf2c6be7?campaignid=0d1dff40-82d7-11e9-9533-0a157bfa6bfc 
- installe le patch français, tu pourras le trouver ici: 
http://download.lavasoft.de.edgesuite.net/public/pllangs.exe 
et une petite vidéo d'utilisation ici:(merci à Moe31 pour cette réalisation).
http://pageperso.aol.fr/balltrap34/adawrevid.asf 

3/ AVG Anti-Spyware :

https://www.malekal.com/avg-antivirus-free-antivirus-gratuit-pour-proteger-son-pc-des-virus/ 

4/ Ccleaner :

https://www.malekal.com/tutoriel-ccleaner/
---------------------------------------------------------------------------- 
¤Affiche tous les fichiers et dossiers : 
Clique sur démarrer/panneau de configuration/outil/option des dossiers/affichage 

Coche « afficher les fichiers et dossiers cachés » 

Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)" 

Décoche « masquer les extensions dont le type est connu » 
Puis fais «Ok» pour valider les changements. 

Et appliquer !
---------------------------------------------------------------------------- 
¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [kdmmcvs] C:\WINDOWS\system32\gdmvstat.exe

O4 - HKLM\..\Run: [knddnetd] C:\WINDOWS\system32
bcvxst.exe

O4 - HKLM\..\Run: [cvaptmol] C:\WINDOWS\system32\winolssx.exe

O4 - HKLM\..\Run: [vstartjm] ipshaxaa.exe

O4 - HKLM\..\Run: [cxmslrs] C:\WINDOWS\system32\dpimmsl.exe

O4 - HKLM\..\Run: [hcinstmdl]
C:\WINDOWS\system32\blmpwest.exe

O4 - HKCU\..\Run: [kdmmcvs] C:\WINDOWS\system32\gdmvstat.exe 

O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
---------------------------------------------------------------------------- 
¤Démarre en mode sans échec : 
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter 
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée. 
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal ! 
(Si F8 ne marche pas utilise la touche F5).  
----------------------------------------------------------------------------
¤Recherche et supprime ceci: 
attention seulement les fichiers  (si présents).

C:\WINDOWS\system32\gdmvstat.exe
C:\WINDOWS\system32
bcvxst.exe
C:\WINDOWS\system32\winolssx.exe
ipshaxaa.exe
C:\WINDOWS\system32\dpimmsl.exe
C:\WINDOWS\system32\blmpwest.exe
C:\WINDOWS\system32\gdmvstat.exe 
C:\WINDOWS\SYSTEM32\instcat.dll

----------------------------------------------------------------------------
¤ Lance AVG Anti-Spyware

Clique sur le bouton Analyse (de la barre d'outils)

Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.

Reviens à l'onglet Analyse. Clique sur Analyse complète du système.

A la fin du scan, choisis l'option 3

"Appliquer toutes les actions " en bas.

Clique sur "Enregistrer le rapport".

Copie/colle le rapport sur le forum.
----------------------------------------------------------------------------
¤ Passe Ad-Aware et supprime tout ce qu’il trouve + supprime les quarantaines…
----------------------------------------------------------------------------
¤ Passe Spybot et corrige tout ce qu’il trouve + vaccine + supprime les quarantaines…
-------------------------------------------------------------------------------------------
¤ Lance CCleaner comme sur le tuto fournit au début de la procédure.
----------------------------------------------------------------------------
¤ Vide ta Corbeille.
----------------------------------------------------------------------------
¤ Redémarre en mode normal, relance Hijackthis et copie/colle un nouveau rapport sur le forum.

Précise tes soucis s’il en reste.... 

Tiens-moi au courant 
 
A+

loic42 · Answer

Salut!

Et bien!!!Tu m'en as donné du boulot!

Les logiciels sont super ils m'ont enlevé pas mal de spywares et divers erreurs, le probleme par contre est que j'ai toujours le meme probleme a la fermeture du PC....

voici le dernier rapport tout beau tout frais Hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 20:29:36, on 23/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32undll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\AVWLPSTA.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\system32\systemt4.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVWLPSTA.EXE] AVWLPSTA.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [SvcManager] systemt4.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - 
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) - 
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) - 
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) - 
O17 - HKLM\System\CCS\Services\Tcpip\..\{193CACDA-6AC7-48D2-9FBB-9BE3CC013868}: NameServer = 86.64.145.144 84.103.237.144
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2BCB08E-E062-41E8-9917-15E30C033BD6}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{193CACDA-6AC7-48D2-9FBB-9BE3CC013868}: NameServer = 86.64.145.144 84.103.237.144
O17 - HKLM\System\CS2\Services\Tcpip\..\{193CACDA-6AC7-48D2-9FBB-9BE3CC013868}: NameServer = 86.64.145.141 84.103.237.141
O18 - Protocol: bw+0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4E87E8B4-4C33-4A08-994D-F4A0F35BEE2A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe



Et voici le rapport AVG:



---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	19:38:50 23/03/2007

 + Résultat de l'analyse:	



C:\Program Files\SWiSHpix\ScreenSaver.scr -> Heuristic.Win32.Dialer : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.33:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.35:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.246:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.118:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.119:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.124:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.283:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.145:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.146:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.111:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.9:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.28:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.102:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.122:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.123:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.125:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.156:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.212:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.262:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.781:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.782:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.724:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.696:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Masterstats : Nettoyé.
:mozilla.143:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.132:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.133:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.134:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.55:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.589:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.590:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.182:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.183:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.170:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.171:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.172:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.114:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.115:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.116:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\gz5t2ely.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0DIZWPU3\mlzuyupgoe[5].htm -> Trojan.ProcKill.DJ : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0DIZWPU3\mlzuyupgoe[6].htm -> Trojan.ProcKill.DJ : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0DIZWPU3\mlzuyupgoe[7].htm -> Trojan.ProcKill.DJ : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport

loic42 · Answer

petite rectification par rapport au rapport AVG, je vien de supprimer ce kil y avait en 40Taine

A +

Regis59 · Answer

Salut

Fixe :

O4 - HKLM\..\Run: [SvcManager] systemt4.exe 

Supprime:
C:\WINDOWS\system32\systemt4.exe 

Redemarre

a+

loic42 · Answer

j'ai fais ce que tu m'as dis, toujours le meme soucis...
par contre dans le post d'avant tu m'as dis de supprimer  :

C:\WINDOWS\SYSTEM32\instcat.dll

Je n'ai pas pu le supprimé:acces interdit , verifiez que le disk n'est pas protegé en ecriture et bla bla bla...

Regis59 · Answer

Salut

Supprime le en MSE.

¤Démarre en mode sans échec : 
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter 
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée. 
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal ! 
(Si F8 ne marche pas utilise la touche F5).  

A+

loic42 · Answer

j'ai deja essayé et ca marche pas non plus

Regis59 · Answer

Salut

Ok.
Redemarre ton PC et remet un HijackThis.
On va le supprimer autrement.

A+

loic42 · Answer

Salut!

Apres une mise a jour de avg, le fichier instcat.dll a ete trouvé, mis en quarantaine et supprimé.

j'ai fais une recherche inscat et il me trouve un autre fichier du meme nom mais c'est un fichier texte(sql), dois-je aussi le supprimer?

Enfin meme après avoir supprimé ca j'ai encore et toujours le mem soucis a la fermeture du PC...

Est ce qu'il y a quelque chose a faire??

Je comprendrais si ca te soul, lol

a+

Regis59 · Answer

Salut

Non ca me saoule pas lol

Ouvre le fichier texte et copie colle ici ce qu il y a dedans.

Et remet un hijack this ;)

a+

loic42 · Answer

je crois que tu as de la lecture qui t'attends... Voila le fichier en question: /* ** INSTCAT.SQL ** Installs catalog stored procedures on the Microsoft SQL Server. ** Copyright Microsoft, Inc. 1994 - 2000 ** All Rights Reserved. ** ** Owners: ** ** iliak */ /****************************************************************************/ /* This portion sets up the ability to perform all the functions in this */ /* script */ /****************************************************************************/ go use master go dump tran master with no_log go set quoted_identifier on go if (exists (select * from sysobjects where name = 'sp_configure' and type = 'P ')) begin execute sp_configure 'update',1 end reconfigure with override go exec sp_MS_upd_sysobj_category 1 /*Capture datetime for use below.*/ go /* ** If old versions of tables exist, drop them. */ if (exists (select * from sysobjects where name = 'MSdatatype_info' and type = 'U ')) drop table MSdatatype_info go if (exists (select * from sysobjects where name = 'MSdatatype_info_ext' and type = 'U ')) drop table MSdatatype_info_ext go if (exists (select * from sysobjects where name = 'MStable_types' and type = 'U ')) drop table MStable_types go if (exists (select * from sysobjects where name = 'MSserver_info' and type = 'U ')) drop table MSserver_info go if (exists (select * from sysobjects where name = 'spt_table_types' and type = 'U ')) drop table spt_table_types go /* ** If tables or procs already exist, drop them. */ if (exists (select * from sysobjects where name = 'spt_datatype_info' and type = 'U ')) drop table spt_datatype_info go if (exists (select * from sysobjects where name = 'spt_datatype_info_ext' and type = 'U ')) drop table spt_datatype_info_ext go if (exists (select * from sysobjects where name = 'sp_add_server_sortinfo' and type = 'P ')) drop proc sp_add_server_sortinfo go if (exists (select * from sysobjects where name = 'sp_add_server_sortinfo75' and type = 'P ')) drop proc sp_add_server_sortinfo75 go if (exists (select * from sysobjects where name = 'spt_server_info' and type = 'U ')) drop table spt_server_info go if (exists (select * from sysobjects where name = 'sp_tables' and type = 'P ')) drop proc sp_tables go if (exists (select * from sysobjects where name = 'sp_statistics' and type = 'P ')) drop proc sp_statistics go if (exists (select * from sysobjects where name = 'sp_columns' and type = 'P ')) drop proc sp_columns go if (exists (select * from sysobjects where name = 'sp_fkeys' and type = 'P ')) drop proc sp_fkeys go if (exists (select * from sysobjects where name = 'sp_pkeys' and type = 'P ')) drop proc sp_pkeys dump tran master with no_log go go if (exists (select * from sysobjects where name = 'sp_stored_procedures' and type = 'P ')) drop proc sp_stored_procedures go if (exists (select * from sysobjects where name = 'sp_sproc_columns' and type = 'P ')) drop proc sp_sproc_columns go if (exists (select * from sysobjects where name = 'sp_table_privileges' and type = 'P ')) drop proc sp_table_privileges go if (exists (select * from sysobjects where name = 'sp_column_privileges' and type = 'P ')) drop proc sp_column_privileges go dump tran master with no_log go if (exists (select * from sysobjects where name = 'sp_server_info' and type = 'P ')) drop proc sp_server_info go if (exists (select * from sysobjects where name = 'sp_datatype_info' and type = 'P ')) drop proc sp_datatype_info go if (exists (select * from sysobjects where name = 'sp_special_columns' and type = 'P ')) drop proc sp_special_columns go if (exists (select * from sysobjects where name = 'sp_databases' and type = 'P ')) drop proc sp_databases go dump tran master with no_log go if (exists (select * from sysobjects where name = 'sp_ddopen' and type = 'P ')) drop proc sp_ddopen go if (exists (select * from sysobjects where name = 'sp_tableswc' and type = 'P ')) drop proc sp_tableswc go if (exists (select * from sysobjects where name = 'sp_tablecollations' and type = 'P')) drop proc sp_tablecollations go if (exists (select * from sysobjects where name = 'sp_bcp_dbcmptlevel' and type = 'P')) drop proc sp_bcp_dbcmptlevel go dump tran master with no_log go if (exists (select * from sysobjects where name = 'spt_provider_types' and type = 'U ')) begin drop table spt_provider_types dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_catalogs_rowset' and type = 'P ')) begin drop procedure sp_catalogs_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_column_privileges_rowset' and type = 'P ')) begin drop procedure sp_column_privileges_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_columns_rowset' and type = 'P ')) begin drop procedure sp_columns_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_check_constraints_rowset' and type = 'P ')) begin drop procedure sp_check_constraints_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_check_constbytable_rowset' and type = 'P ')) begin drop procedure sp_check_constbytable_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_foreign_keys_rowset' and type = 'P ')) begin drop procedure sp_foreign_keys_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_indexes_rowset' and type = 'P ')) begin drop procedure sp_indexes_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_primary_keys_rowset' and type = 'P ')) begin drop procedure sp_primary_keys_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_procedure_params_rowset' and type = 'P ')) begin drop procedure sp_procedure_params_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_procedures_rowset' and type = 'P ')) begin drop procedure sp_procedures_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_provider_types_rowset' and type = 'P ')) begin drop procedure sp_provider_types_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_schemata_rowset' and type = 'P ')) begin drop procedure sp_schemata_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_statistics_rowset' and type = 'P ')) begin drop procedure sp_statistics_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_tables_rowset' and type = 'P ')) begin drop procedure sp_tables_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_tables_info_rowset' and type = 'P ')) begin drop procedure sp_tables_info_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_tables_info_rowset_64' and type = 'P ')) begin drop procedure sp_tables_info_rowset_64 dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_table_constraints_rowset' and type = 'P ')) begin drop proc sp_table_constraints_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_table_privileges_rowset' and type = 'P ')) begin drop proc sp_table_privileges_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_linkedservers_rowset' and type = 'P ')) begin drop proc sp_linkedservers_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_table_statistics_rowset' and type = 'P ')) begin drop proc sp_table_statistics_rowset dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_oledb_column_constraints' and type = 'P ')) begin drop proc sp_oledb_column_constraints dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_oledb_indexinfo' and type = 'P ')) begin drop proc sp_oledb_indexinfo dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_oledb_ro_usrname' and type = 'P ')) begin drop proc sp_oledb_ro_usrname dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_oledb_deflang' and type = 'P ')) begin drop proc sp_oledb_deflang dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_oledb_defdb' and type = 'P ')) begin drop proc sp_oledb_defdb dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_oledb_database' and type = 'P ')) begin drop proc sp_oledb_database dump tran master with no_log end go if (exists (select * from sysobjects where name = 'sp_oledb_language' and type = 'P ')) begin drop proc sp_oledb_language dump tran master with no_log end go print 'creating table spt_datatype_info_ext' go if (charindex('6.00', @@version) = 0 and charindex('6.50', @@version) = 0 and charindex('7.00', @@version) = 0 and charindex('8.00', @@version) = 0) begin /* Pre 6.0 server */ print '' print '' print 'Warning:' print 'you are installing the stored procedures ' print 'on a pre 6.0 SQL Server.' print 'Ignore the following error.' create table spt_datatype_info_ext ( user_type smallint not null, CREATE_PARAMS varchar(32) null, AUTO_INCREMENT smallint null, typename varchar(32)) end go if (charindex('6.00', @@version) > 0 or charindex('6.50', @@version) > 0 or charindex('7.00', @@version) > 0 or charindex('8.00', @@version) > 0) begin /* 6.0 or later server */ create table spt_datatype_info_ext ( user_type smallint not null, CREATE_PARAMS varchar(32) null, AUTO_INCREMENT smallint null, typename sysname) /* from systypes, to avoid xusertype hard-code */ end go grant select on spt_datatype_info_ext to public go insert into spt_datatype_info_ext /* CHAR user_type, create_params, auto_increment */ values (1, 'length' ,0, 'char') insert into spt_datatype_info_ext /* VARCHAR user_type, create_params, auto_increment */ values (2, 'max length' ,0, 'varchar') insert into spt_datatype_info_ext /* BINARY user_type, create_params, auto_increment */ values (3, 'length' ,0, 'binary') insert into spt_datatype_info_ext /* VARBINARY user_type, create_params, auto_increment */ values (4, 'max length' ,0, 'varbinary') if (charindex('6.00', @@version) > 0 or charindex('6.50', @@version) > 0 or charindex('7.00', @@version) > 0 or charindex('8.00', @@version) > 0) begin /* Add 6.0 data types */ insert into spt_datatype_info_ext /* DECIMAL user_type, create_params, auto_increment */ values (26, 'precision,scale' ,0, 'decimal') insert into spt_datatype_info_ext /* NUMERIC user_type, create_params, auto_increment */ values (25, 'precision,scale' ,0, 'numeric') insert into spt_datatype_info_ext /* DECIMAL IDENTITY user_type, create_params, auto_increment */ values (26, 'precision' ,1, 'decimal') insert into spt_datatype_info_ext /* NUMERIC IDENTITY user_type, create_params, auto_increment */ values (25, 'precision' ,1, 'numeric') end else /* Pre 6.0 server, add SYSNAME create param */ begin insert into spt_datatype_info_ext /* SYSNAME user_type, create_param, auto_increments */ values (18, 'max length' ,0, 'sysname') end go if (charindex('7.00', @@version) = 0 and charindex('8.00', @@version) = 0) begin print '' print '' print 'Warning:' print 'you are installing the stored procedures ' print 'on a pre 8.0 SQL Server.' print 'Ignore the following errors.' end go if (charindex('7.00', @@version) > 0 or charindex('8.00', @@version) > 0) begin /* Update usertypes for 8.0 server */ begin tran insert into spt_datatype_info_ext /* NCHAR user_type, create_params, auto_increment */ values (0, 'length' ,0, 'nchar') insert into spt_datatype_info_ext /* NVARCHAR user_type, create_params, auto_increment */ values (0, 'max length' ,0, 'nvarchar') /* SET user_type TO SPHINX VALUES */ update spt_datatype_info_ext set user_type = xusertype from spt_datatype_info_ext e, systypes t where t.name = e.typename commit tran end go create unique clustered index datatypeinfoextclust on spt_datatype_info_ext(user_type,AUTO_INCREMENT) go print 'creating table spt_datatype_info' go if (charindex('6.00', @@version) = 0 and charindex('6.50', @@version) = 0 and charindex('7.00', @@version) = 0 and charindex('8.00', @@version) = 0) begin /* Pre 6.0 server */ print '' print '' print 'Warning:' print 'you are installing the stored procedures ' print 'on a pre 6.0 SQL Server.' print 'Ignore the following error.' create table spt_datatype_info ( ss_dtype tinyint not null, fixlen int null, /* datatype len for variable, else null */ ODBCVer tinyint null, /* version if needed, else null */ TYPE_NAME varchar(32) not null, DATA_TYPE smallint not null, data_precision int null, numeric_scale smallint null, /* min scale if 6.0 */ RADIX smallint null, length int null, LITERAL_PREFIX varchar(32) null, LITERAL_SUFFIX varchar(32) null, CREATE_PARAMS varchar(32) null, NULLABLE smallint not null, CASE_SENSITIVE smallint not null, SEARCHABLE smallint not null, UNSIGNED_ATTRIBUTE smallint null, MONEY smallint not null, AUTO_INCREMENT smallint null, LOCAL_TYPE_NAME varchar(32) null, charbin tinyint null, /* 0 for char/binary types, NULL for all others */ SQL_DATA_TYPE smallint not null, SQL_DATETIME_SUB smallint null) end go if (charindex('6.00', @@version) > 0 or charindex('6.50', @@version) > 0 or charindex('7.00', @@version) > 0 or charindex('8.00', @@version) > 0) begin /* 6.0 or later server */ create table spt_datatype_info ( ss_dtype tinyint not null, fixlen int null, /* datatype len for variable, else null */ ODBCVer tinyint null, /* version if needed, else null */ TYPE_NAME sysname not null, DATA_TYPE smallint not null, data_precision int null, numeric_scale smallint null, /* min scale if 6.0 */ RADIX smallint null, length int null, LITERAL_PREFIX varchar(32) null, LITERAL_SUFFIX varchar(32) null, CREATE_PARAMS varchar(32) null, NULLABLE smallint not null, CASE_SENSITIVE smallint not null, SEARCHABLE smallint not null, UNSIGNED_ATTRIBUTE smallint null, MONEY smallint not null, AUTO_INCREMENT smallint null, LOCAL_TYPE_NAME sysname null, charbin tinyint null, /* 0 for char/binary types, NULL for all others */ SQL_DATA_TYPE smallint not null, SQL_DATETIME_SUB smallint null) end go grant select on spt_datatype_info to public go /* Get case sensitivity */ if 'A' = 'A' /* create dummy begin block */ begin declare @case smallint begin tran select @case = 0 select @case = 1 where 'a' <> 'A' /* Local Binary */ insert into spt_datatype_info values (45,null,null,'binary',-2,null,null,null,null,'0x',null,'length',1,0,2,null,0,null,'binary',0,-2,null) /* Local Bit */ insert into spt_datatype_info values (50,null,null,'bit',-7,1,0,null,1,null,null,null,0,0,2,null,0,null,'bit',null,-7,null) /* Local Char */ insert into spt_datatype_info values (47,null,null,'char',1,null,null,null,null,'''','''','length',1,@case,3,null,0,null,'char',0,1,null) /* Local Datetime */ insert into spt_datatype_info values (61,8,2,'datetime',11,23,3,NULL,16,'''','''',null,1,0,3,null,0,null,'datetime',null,9,3) insert into spt_datatype_info values (61,8,3,'datetime',93,23,3,NULL,16,'''','''',null,1,0,3,null,0,null,'datetime',null,9,3) /* Local Smalldatetime */ insert into spt_datatype_info values (58,4,2,'smalldatetime',11,16,0,NULL,16,'''','''',null,1,0,3,null,0,null,'smalldatetime',null,9,3) insert into spt_datatype_info values (58,4,3,'smalldatetime',93,16,0,NULL,16,'''','''',null,1,0,3,null,0,null,'smalldatetime',null,9,3) /* Local Float */ insert into spt_datatype_info values (62,8,2,'float',6,15,null,10,8,null,null,null,1,0,2,0,0,0,'float',null,6,null) insert into spt_datatype_info values (62,8,3,'float',6,53,null, 2,8,null,null,null,1,0,2,0,0,0,'float',null,6,null) /* Local Real */ insert into spt_datatype_info values (59,4,2,'real',7, 7,null,10,4,null,null,null,1,0,2,0,0,0,'real',null,7,null) insert into spt_datatype_info values (59,4,3,'real',7,24,null, 2,4,null,null,null,1,0,2,0,0,0,'real',null,7,null) /* Local Smallmoney */ insert into spt_datatype_info values (122,4,null,'smallmoney',3,10,4,10,12,'$',null,null,1,0,2,0,1,0,'smallmoney',null,3,null) /* Local Money */ insert into spt_datatype_info values (60,8,null,'money',3,19,4,10,21,'$',null,null,1,0,2,0,1,0,'money',null,3,null) /* Local Int */ insert into spt_datatype_info values (56,4,null,'int',4,10,0,10,4,null,null,null,1,0,2,0,0,0,'int',null,4,null) commit tran end go if 'A' = 'A' /* create dummy begin block */ begin declare @case smallint begin tran select @case = 0 select @case = 1 where 'a' <> 'A' /* Local Smallint */ insert into spt_datatype_info values (52,2,null,'smallint',5,5,0,10,2,null,null,null,1,0,2,0,0,0,'smallint',null,5,null) insert into spt_datatype_info values (52,2,1,'smallint',5,5,0,10,2,null,null,null,1,0,2,0,0,0,'smallint',null,5,null) /* Local Tinyint */ insert into spt_datatype_info values (48,1,null,'tinyint',-6,3,0,10,1,null,null,null,1,0,2,1,0,0,'tinyint',null,-6,null) /* Local Text */ insert into spt_datatype_info values (35,null,null,'text',-1,2147483647,null,null,2147483647,'''','''',null,1,@case,1,null,0,null,'text',0,-1,null) /* Local Varbinary */ insert into spt_datatype_info values (37,null,null,'varbinary',-3,null,null,null,null,'0x',null,'max length',1,0,2,null,0,null,'varbinary',0,-3,null) /* Local Varchar */ insert into spt_datatype_info values (39,null,null,'varchar',12,null,null,null,null,'''','''','max length',1,@case,3,null,0,null,'varchar',0,12,null) /* Local Image */ insert into spt_datatype_info values (34,null,null,'image',-4,2147483647,null,null,2147483647,'0x',null,null,1,0,0,null,0,null,'image',0,-4,null) if (charindex('6.00', @@version) > 0 or charindex('6.50', @@version) > 0 or charindex('7.00', @@version) > 0 or charindex('8.00', @@version) > 0) begin /* Add 6.0 data types */ /* Local Decimal */ insert into spt_datatype_info values /* sql server type is 'decimaln' */ (55,null,null,'decimal',3,38,0,10,null,null,null,'precision,scale',1,0,2,0,0,0,'decimal',null,3,null) /* Local Numeric */ insert into spt_datatype_info values /* sql server type is 'numericn' */ (63,null,null,'numeric',2 ,38,0,10,null,null,null,'precision,scale',1,0,2,0,0,0,'numeric',null,2,null) /* Identity attribute data types */ /* Identity Int */ insert into spt_datatype_info values (56,null,null,'int identity',4,10,0,10,null,null,null,null,0,0,2,0,0,1,'int identity',null,4,null) /* Identity Smallint */ insert into spt_datatype_info values (52,null,null,'smallint identity',5,5,0,10,null,null,null,null,0,0,2,0,0,1,'smallint identity',null,5,null) /* Identity Tinyint */ insert into spt_datatype_info values (48,null,null,'tinyint identity',-6,3,0,10,null,null,null,null,0,0,2,1,0,1,'tinyint identity',null,-6,null) /* Identity Numeric */ insert into spt_datatype_info values /* sql server type is 'decmaln' */ (55,null,null,'decimal() identity',3,38,0,10,null,null,null,'precision,scale',0,0,2,0,0,1,'decimal() identity',null,3,null) /* Identity Numeric */ insert into spt_datatype_info values /* sql server type is 'decmaln' */ (63,null,null,'numeric() identity',2,38,0,10,null,null,null,'precision,scale',0,0,2,0,0,1,'numeric() identity',null,2,null) end if (charindex('7.00', @@version) = 0 and charindex('8.00', @@version) = 0) begin /* Add nullable type for non-8.0 server */ /* Local Datetimn */ insert into spt_datatype_info values (111,4,2,'smalldatetime',11,16,0,10,16,'''','''',null,1,0,3,null,0,null,'smalldatetime',null,9,3) insert into spt_datatype_info values (111,4,3,'smalldatetime',93,16,0,10,16,'''','''',null,1,0,3,null,0,null,'smalldatetime',null,9,3) insert into spt_datatype_info values /* sql server type is 'datetimn' */ (111,8,2,'datetime',11,23,3,10,16,'''','''',null,1,0,3,null,0,null,'datetime',null,9,3) insert into spt_datatype_info values (111,8,3,'datetime',93,23,3,10,16,'''','''',null,1,0,3,null,0,null,'datetime',null,9,3) /* Local Floatn */ insert into spt_datatype_info values /* sql server type is 'floatn' */ (109,4,2,'real',7, 7,null,10,4,null,null,null,1,0,2,0,0,0,'real',null,7,null) insert into spt_datatype_info values (109,4,3,'real',7,24,null, 2,4,null,null,null,1,0,2,0,0,0,'real',null,7,null) insert into spt_datatype_info values /* sql server type is 'floatn' */ (109,8,2,'float',6,15,null,10,8,null,null,null,1,0,2,0,0,0,'float',null,6,null) insert into spt_datatype_info values (109,8,3,'float',6,53,null, 2,8,null,null,null,1,0,2,0,0,0,'float',null,6,null) /* Local Moneyn */ insert into spt_datatype_info values /* sql server type is 'moneyn' */ (110,4,null,'smallmoney',3,10,4,10,12,'$',null,null,1,0,2,0,1,0,'smallmoney',null,3,null) insert into spt_datatype_info values /* sql server type is 'moneyn' */ (110,8,null,'money',3,19,4,10,21,'$',null,null,1,0,2,0,1,0,'money',null,3,null) /* Local Intn */ insert into spt_datatype_info values /* sql server type is 'intn' */ (38,4,null,'int',4,10,0,10,4,null,null,null,1,0,2,0,0,0,'int',null,4,null) insert into spt_datatype_info values /* sql server type is 'intn' */ (38,2,null,'smallint',5,5,0,10,2,null,null,null,1,0,2,0,0,0,'smallint',null,5,null) insert into spt_datatype_info values (38,1,null,'tinyint',-6,3,0,10,1,null,null,null,1,0,2,1,0,0,'tinyint',null,-6,null) if (charindex('6.00', @@version) > 0 or charindex('6.50', @@version) > 0 or charindex('7.00', @@version) > 0 or charindex('8.00', @@version) > 0) begin /* Add 6.0 data types */ /* Local Decimaln */ insert into spt_datatype_info values /* sql server type is 'decimaln' */ (106,null,null,'decimal',3,38,0,10,null,null,null,'precision,scale',1,0,2,0,0,0,'decimal',null,3,null) insert into spt_datatype_info values /* sql server type is 'decmaln' */ (106,null,null,'decimal() identity',3,38,0,10,null,null,null,'precision,scale',0,0,2,0,0,1,'decimal() identity',null,3,null) /* Local Numericn */ insert into spt_datatype_info values /* sql server type is 'numericn' */ (108,null,null,'numeric',2,38,0,10,null,null,null,'precision,scale',1,0,2,0,0,0,'numeric',null,2,null) insert into spt_datatype_info values /* sql server type is 'decmaln' */ (108,null,null,'numeric() identity',2,38,0,10,null,null,null,'precision,scale',0,0,2,0,0,1,'numeric() identity',null,2,null) end end commit tran end go if (charindex('7.00', @@version) = 0 and charindex('8.00', @@version) = 0) begin print '' print '' print 'Warning:' print 'you are installing the stored procedures ' print 'on a pre 8.0 SQL Server.' print 'Ignore the following errors.' end go if (charindex('7.00', @@version) > 0 or charindex('8.00', @@version) > 0) begin declare @ncase smallint select @ncase = 0 select @ncase = 1 where N'a' <> N'A' /* Local Timestamp */ insert into spt_datatype_info values (0,null,null,'timestamp',-2,8,null,null,null,'0x',null,null,1,0,2,null,0,null,'timestamp',0,-2,null) /* Local GUID */ insert into spt_datatype_info values (0,null,null,'uniqueidentifier',-11,36,null,null,null,'''','''',null,1,0,2,null,0,null,'uniqueidentifier',NULL,-11,null) /* Local NChar */ insert into spt_datatype_info values (0,null,null,'nchar',-8,null,null,null,null,'N''','''','length',1,@ncase,3,null,0,null,'nchar',0,-8,null) /* Local NVarchar */ insert into spt_datatype_info values (0,null,null,'nvarchar',-9,null,null,null,null,'N''','''','max length',1,@ncase,3,null,0,null,'nvarchar',0,-9,null) /* Local NText */ insert into spt_datatype_info values (0,null,null,'ntext',-10,2147483646,null,null,2147483646,'N''','''',null,1,@ncase,1,null,0,null,'ntext',0,-10,null) if (charindex('8.00', @@version) > 0) begin -- /* Local BIGINT */ insert into spt_datatype_info values (127,8,null,'bigint',-5,19,0,10,null,null,null,null,1,0,2,0,0,0,'bigint',null,-5,null) -- /* Identity BIGINT */ insert into spt_datatype_info values (127,8,null,'bigint identity',-5,19,0,10,null,null,null,null,0,0,2,0,0,1,'bigint identity',null,-5,null) -- /* sql_variant */ insert into spt_datatype_info values ( 98, --ss_dtype null, --fixlen null, --ODBCVer 'sql_variant', --TYPE_NAME -150, --SQL DATA TYPE 8000, --data_precision 0, --numeric_scale 10, --RADIX 8000, --length null, --PREFIX null, --SUFFIX null, --Create Params 1, --Nullable 0, --Case sensitive 2, --Searchable null, --UNSIGNED_ATTRIBUTE 0, --MONEY null, --AUTO_INCREMENT 'sql_variant', --LOCAL TYPE NAME 0, --CHARBIN -150, --SQL_DATA_TYPE null --SQL_DATETIME_SUB ) end update spt_datatype_info set NULLABLE = 1 where TYPE_NAME = 'bit' update spt_datatype_info set ss_dtype = isnull((select distinct xtype from systypes where TYPE_NAME like name+'%'),0) end go create unique clustered index datatypeinfoclust on spt_datatype_info(ss_dtype,fixlen,ODBCVer,AUTO_INCREMENT) go dump tran master with no_log go print 'creating table spt_server_info' go create table spt_server_info ( attribute_id int NOT NULL, attribute_name varchar(60) NOT NULL, attribute_value varchar(255) NOT NULL) go create unique clustered index serverinfoclust on spt_server_info(attribute_id) go if (charindex('7.00', @@version) = 0 and charindex('8.00', @@version) = 0) begin drop procedure sp_add_server_sortinfo /* not used by other servers */ drop procedure sp_add_server_sortinfo75 /* not used by older servers */ dump tran master with no_log end go insert into spt_server_info values (1,'DBMS_NAME','Microsoft SQL Server') insert into spt_server_info values (2,'DBMS_VER',@@version) insert into spt_server_info values (10,'OWNER_TERM','owner') insert into spt_server_info values (11,'TABLE_TERM','table') insert into spt_server_info values (12,'MAX_OWNER_NAME_LENGTH','30') insert into spt_server_info values (13,'TABLE_LENGTH','30') insert into spt_server_info values (14,'MAX_QUAL_LENGTH','30') insert into spt_server_info values (15,'COLUMN_LENGTH','30') if 'A' = 'a' /* If not case sensitive server */ begin insert into spt_server_info values (16,'IDENTIFIER_CASE','MIXED') end else begin insert into spt_server_info values (16,'IDENTIFIER_CASE','SENSITIVE') end insert into spt_server_info values (17,'TX_ISOLATION','2') if (charindex('6.00', @@version) > 0 or charindex('6.50', @@version) > 0 or charindex('7.00', @@version) > 0) begin /* Add 6.0 collation sequence */ insert into spt_server_info select 18,'COLLATION_SEQ', 'charset='+t2.name+' sort_order='+t1.name +' charset_num='+rtrim(convert(char(4),t1.csid))+ ' sort_order_num='+rtrim(convert(char(4),t1.id)) from syscharsets t1, syscharsets t2, sysconfigures t3 where t1.csid=t2.id and t1.id=t3.value and t3.config=1123 end else begin /* Add 4.2x collation sequence */ insert into spt_server_info select 18,'COLLATION_SEQ', 'charset='+t2.name+' sort_order='+t1.name +' charset_num='+rtrim(convert(char(4),t1.csid))+ ' sort_order_num='+rtrim(convert(char(4),t1.id)) from syscharsets t1, syscharsets t2, sysconfigures t3 where t1.csid=t2.id and t1.id=t3.value and t3.config=123 end insert into spt_server_info values (19,'SAVEPOINT_SUPPORT','Y') insert into spt_server_info values (20,'MULTI_RESULT_SETS','Y') insert into spt_server_info values (22,'ACCESSIBLE_TABLES','Y') insert into spt_server_info values (100,'USERID_LENGTH','30') insert into spt_server_info values (101,'QUALIFIER_TERM','database') insert into spt_server_info values (102,'NAMED_TRANSACTIONS','Y') insert into spt_server_info values (103,'SPROC_AS_LANGUAGE','Y') insert into spt_server_info values (104,'ACCESSIBLE_SPROC','Y') insert into spt_server_info values (105,'MAX_INDEX_COLS','16') insert into spt_server_info values (106,'RENAME_TABLE','Y') insert into spt_server_info values (107,'RENAME_COLUMN','Y') if (charindex('8.00', @@version) > 0) begin /* Columns may be dropped on 8.0 or later */ insert into spt_server_info values (108,'DROP_COLUMN','Y') end else begin insert into spt_server_info values (108,'DROP_COLUMN','N') end if (charindex('8.00', @@version) > 0) begin /* Columns size may be changed on 8.0 or later */ insert into spt_server_info values (109,'INCREASE_COLUMN_LENGTH','Y') end else begin insert into spt_server_info values (109,'INCREASE_COLUMN_LENGTH','N') end if (charindex('6.50', @@version) = 0 and charindex('7.00', @@version) = 0 and charindex('8.00', @@version) = 0) begin insert into spt_server_info values (110,'DDL_IN_TRANSACTION','N') end else begin insert into spt_server_info values (110,'DDL_IN_TRANSACTION','Y') end if (charindex('8.00', @@version) > 0) begin /* Descending indexes allowed on 8.0 or later */ insert into spt_server_info values (111,'DESCENDING_INDEXES','Y') end else begin insert into spt_server_info values (111,'DESCENDING_INDEXES','N') end insert into spt_server_info values (112,'SP_RENAME','Y') insert into spt_server_info values (113,'REMOTE_SPROC','Y') insert into spt_server_info values (500,'SYS_SPROC_VERSION',convert(varchar(9), serverproperty ('ProductVersion'))) go if (charindex('7.00', @@version) > 0 or charindex('8.00', @@version) > 0) begin /* Update values for 8.0 server */ update spt_server_info set attribute_value = '128' where attribute_id in (12,13,14,15,100) end go grant select on spt_server_info to public go print 'creating sp_column_privileges' go /* Procedure for pre 6.50 server */ CREATE PROCEDURE sp_column_privileges ( @table_name varchar(32), @table_owner varchar(32) = null, @table_qualifier varchar(32) = null, @column_name varchar(96) = null) /* 3*32 */ as set nocount on declare @table_id int DECLARE @full_table_name varchar(65) /* 2*32 + 1 */ declare @low smallint /* range of userids to check */ declare @high smallint declare @owner_uid smallint select @low = 0, @high = 32767 if @column_name is null /* If column name not supplied, match all */ select @column_name = '%' if @table_qualifier is not null begin if db_name() <> @table_qualifier begin /* If qualifier doesn't match current database */ raiserror 20001 '~~Rush_5~~' return end end if @table_owner is null begin /* If unqualified table name */ SELECT @full_table_name = @table_name end else begin /* Qualified table name */ SELECT @full_table_name = @table_owner + '.' + @table_name end /* Get Object ID */ select @table_id = object_id(@full_table_name) if (@@trancount <> 0) begin /* If inside a transaction */ raiserror 20003 '~~Rush_6~~' return end /* ** We need to create a table which will contain a row for every row to ** be returned to the client. */ create table #column_priv1( COLUMN_NAME varchar(32) NOT NULL, grantor smallint NOT NULL, grantee smallint NOT NULL, select_privilege bit, select_grantable bit, insert_privilege bit, insert_grantable bit, update_privilege bit, update_grantable bit, references_privilege bit, references_grantable bit, uid smallint NOT NULL, gid smallint NOT NULL) /* ** insert a row for the table owner (who has all permissions) */ select @owner_uid = ( select uid from sysobjects where id = @table_id) if (charindex('6.00', @@version) > 0) begin insert into #column_priv1 select c.name, u.uid, @owner_uid, 0, 1, 0, 1, 0, 1, 0, 1, @owner_uid, 0 from syscolumns c, sysusers u where id = @table_id and c.number = 0 and u.uid = 1 /* grantor is dbo of database */ end else begin insert into #column_priv1 select c.name, u.uid, @owner_uid, 0, 1, 0, 1, 0, 1, 0, 0, @owner_uid, 0 from syscolumns c, sysusers u where id = @table_id and c.number = 0 and u.uid = 1 /* grantor is dbo of database */ end /* ** now stick in a row for every column for every user in the database ** we will need to weed out those who have no permissions later ** (and yes this is a cartesion product: the uid field in sysprotects ** can also have a group id, in which case we need to extend those ** privileges to all group members). */ insert into #column_priv1 select distinct c.name, o.uid, u.uid, 0, 0, 0, 0, 0, 0, 0, 0, u.uid, u.gid from sysusers u, syscolumns c, sysobjects o where o.id = @table_id and c.id = o.id and c.number = 0 and u.gid <> u.uid and u.uid <> @owner_uid /* ** we need to create another temporary table to contain all the various ** protection information for the table in question */ create table #protects ( uid smallint NOT NULL, grantor smallint NOT NULL, action tinyint NOT NULL, protecttype tinyint NOT NULL, name varchar(32) NOT NULL) insert into #protects select p.uid, p.uid, p.action, p.protecttype, isnull(col_name(id, c.number), '~All') from sysprotects p, master.dbo.spt_values c, master.dbo.spt_values a, master.dbo.spt_values b where convert(tinyint, substring(isnull(p.columns, 0x1), c.low, 1)) & c.high <> 0 and c.number <= ( select count(*) from syscolumns where id = @table_id) and c.type = 'P' and a.type = 'T' and a.number = p.action and p.action in (193,195,197,26) and b.type = 'T' and b.number = p.protecttype and p.id = @table_id and p.uid between @low and @high update #column_priv1 set select_privilege = 1 from #protects p where p.protecttype = 205 and p.action = 193 and (p.name = #column_priv1.COLUMN_NAME or name = '~All') and (p.uid = 0 or p.uid = #column_priv1.gid or p.uid = #column_priv1.uid) and not exists ( select * from #protects where protecttype = 206 and action = 193 and (name = #column_priv1.COLUMN_NAME or name = '~All') and ( uid = 0 or uid = #column_priv1.gid or uid = #column_priv1.uid)) update #column_priv1 set insert_privilege = 1 from #protects p where p.protecttype = 205 and p.action = 195 and (p.name = #column_priv1.COLUMN_NAME or name = '~All') and (p.uid = 0 or p.uid = #column_priv1.gid or p.uid = #column_priv1.uid) and not exists ( select * from #protects where protecttype = 206 and action = 195 and (name = #column_priv1.COLUMN_NAME or name = '~All') and (uid = 0 or uid = #column_priv1.gid or uid = #column_priv1.uid)) update #column_priv1 set update_privilege = 1 from #protects p where p.protecttype = 205 and p.action = 197 and (p.name = #column_priv1.COLUMN_NAME or name = '~All') and (p.uid = 0 or p.uid = #column_priv1.gid or p.uid = #column_priv1.uid) and not exists ( select * from #protects where protecttype = 206 and action = 197 and (name = #column_priv1.COLUMN_NAME or name = '~All') and (uid = 0 or uid = #column_priv1.gid or uid = #column_priv1.uid)) update #column_priv1 set references_privilege = 1 from #protects p where p.protecttype = 205 and p.action = 26 and (p.name = #column_priv1.COLUMN_NAME or name = '~All') and (p.uid = 0 or p.uid = #column_priv1.gid or p.uid = #column_priv1.uid) and not exists ( select * from #protects where protecttype = 206 and action = 26 and (name = #column_priv1.COLUMN_NAME or name = '~All') and (uid = 0 or uid = #column_priv1.gid or uid = #column_priv1.uid)) update #column_priv1 set select_grantable = 1 from #protects p where p.protecttype = 204 and p.action = 193 and (p.name = #column_priv1.COLUMN_NAME or name = '~All') and (p.uid = 0 or p.uid = #column_priv1.gid or p.uid = #column_priv1.uid) and not exists ( select * from #protects where protecttype = 206 and action = 193 and (name = #column_priv1.COLUMN_NAME or name = '~All') and ( uid = 0 or uid = #column_priv1.gid or uid = #column_priv1.uid)) update #column_priv1 set insert_grantable = 1 from #protects p where p.protecttype = 204 and p.action = 195 and (p.name = #column_priv1.COLUMN_NAME or name = '~All') and (p.uid = 0 or p.uid = #column_priv1.gid or p.uid = #column_priv1.uid) and not exists ( select * from #protects where protecttype = 206 and action = 195 and (name = #column_priv1.COLUMN_NAME or name = '~All') and ( uid = 0 or uid = #column_priv1.gid or uid = #column_priv1.uid)) update #column_priv1 set update_grantable = 1 from #protects p where p.protecttype = 204 and p.action = 197 and (p.name = #column_priv1.COLUMN_NAME or name = '~All') and (p.uid = 0 or p.uid = #column_priv1.gid or p.uid = #column_priv1.uid) and not exists ( select * from #protects where protecttype = 206 and action = 197 and (name = #column_priv1.COLUMN_NAME or name = '~All') and ( uid = 0 or uid = #column_priv1.gid or uid = #column_priv1.uid)) update #column_priv1 set references_grantable = 1 from #protects p where p.protecttype = 204 and p.action = 26 and (p.name = #column_priv1.COLUMN_NAME or name = '~All') and (p.uid = 0 or p.uid = #column_priv1.gid or p.uid = #column_priv1.uid) and not exists ( select * from #protects where protecttype = 206 and action = 26 and (name = #column_priv1.COLUMN_NAME or name = '~All') and ( uid = 0 or uid = #column_priv1.gid or uid = #column_priv1.uid)) create table #column_priv2( COLUMN_NAME varchar(32) NOT NULL, grantor smallint NULL, grantee smallint NOT NULL, PRIVILEGE varchar(32) NOT NULL, IS_GRANTABLE varchar(3) NULL) insert into #column_priv2 select COLUMN_NAME, grantor, grantee, 'SELECT', 'NO' from #column_priv1 where select_privilege = 1 and select_grantable = 0 insert into #column_priv2 select COLUMN_NAME, grantor, grantee, 'INSERT', 'NO' from #column_priv1 where insert_privilege = 1 and insert_grantable = 0 insert into #column_priv2 select COLUMN_NAME, grantor, grantee, 'UPDATE', 'NO' from #column_priv1 where update_privilege = 1 and update_grantable = 0 insert into #column_priv2 select COLUMN_NAME, grantor, grantee, 'REFERENCES', 'NO' from #column_priv1 where references_privilege = 1 and references_grantable = 0 insert into #column_priv2 select COLUMN_NAME, grantor, grantee, 'SELECT', 'YES' from #column_priv1 where select_grantable = 1 insert into #column_priv2 select COLUMN_NAME, grantor, grantee, 'INSERT', 'YES' from #column_priv1 where insert_grantable = 1 insert into #column_priv2 select COLUMN_NAME, grantor, grantee, 'UPDATE', 'YES' from #column_priv1 where update_grantable = 1 insert into #column_priv2 select COLUMN_NAME, grantor, grantee, 'REFERENCES', 'YES' from #column_priv1 where references_grantable = 1 select convert(varchar(32),db_name()) TABLE_QUALIFIER, convert(varchar(32),user_name(@owner_uid)) TABLE_OWNER, @table_name TABLE_NAME, COLUMN_NAME, convert(varchar(32),user_name(grantor)) GRANTOR, convert(varchar(32),user_name(grantee)) GRANTEE, PRIVILEGE, IS_GRANTABLE from #column_priv2 where COLUMN_NAME like @column_name order by 4, 7 go if (charindex('6.50', @@version) = 0 and charindex('7.00', @@version) = 0 and charindex('8.00', @@version) = 0) begin print '' print '' print 'Warning:' print 'you are installing the stored procedures ' print 'on a pre 6.50 SQL Server.' print 'Ignore the following errors.' end else drop proc sp_column_privileges go /* Procedure for 6.50 server */ CREATE PROCEDURE sp_column_privileges ( @table_name varchar(32), @table_owner varchar(32) = null, @table_qualifier varchar(32) = null, @column_name varchar(96) = null) /* 3*32 */ as declare @table_id int if @column_name is null /* If column name not supplied, match all */ select @column_name = '%' if @table_qualifier is not null begin if db_name() <> @table_qualifier begin /* If qualifier doesn't match current database */ raiserror (15250, -1,-1) return end end if @table_owner is null begin /* If unqualified table name */ select @table_id = object_id(@table_name) end else begin /* Qualified table name */ select @table_id = object_id(@table_owner + '.' + @table_name) end select convert(varchar(32),db_name()) TABLE_QUALIFIER, convert(varchar(32),user_name(o.uid)) TABLE_OWNER, @table_name TABLE_NAME, convert(varchar(32),c.name) COLUMN_NAME, convert(varchar(32),user_name(p.grantor)) GRANTOR, convert(varchar(32),user_name(u.uid)) GRANTEE, convert (varchar(32),case p.action when 193 then 'SELECT' when 195 then 'INSERT' when 197 then 'UPDATE' else 'REFERENCES' end) PRIVILEGE, convert (varchar(3),case when p.protecttype = 205 then 'NO' else 'YES' end) IS_GRANTABLE from sysprotects p, sysobjects o, sysusers u, master.dbo.spt_values v, syscolumns c where c.id = @table_id and c.name like @column_name and c.id = p.id and c.id = o.id and case substring(p.columns, 1, 1) & 1 when NULL then 255 /* all columns have permission */ when 0 then convert(tinyint, substring(p.columns, v.low, 1)) else (~convert(tinyint, isnull(substring(p.columns, v.low, 1),0))) end & v.high <> 0 /* permission applies to this column */ and v.number <= (select count(*) from syscolumns where id = @table_id) /* ranges from 1 to # of columns in table */ and v.type = 'P' and v.number = c.colid /* expand groups */ and ((p.uid = u.uid and u.uid <> u.gid) or (p.uid = u.gid and u.uid <> u.gid)) and p.protecttype <> 206 /* only grant rows */ and p.action in (26,193,195,197) and o.uid <> u.uid /* no rows for owner */ and not exists ( /* exclude revoke'd privileges */ select * from sysprotects p1 where p1.protecttype = 206 and p1.action = p.action and p1.id = p.id and p1.uid = u.uid and case substring(p1.columns, 1, 1) & 1 when NULL then 255 /* all columns have permission */ when 0 then convert(tinyint, substring(p1.columns, v.low, 1)) else (~convert(tinyint,isnull(substring(p.columns, v.low, 1),0))) end & v.high <> 0) /* permission applies to this column */ union select /* Add rows for table owner */ convert(varchar(32),db_name()) TABLE_QUALIFIER, convert(varchar(32),user_name(o.uid)) TABLE_OWNER, @table_name TABLE_NAME, convert(varchar(32),col_name(@table_id, c.colid)) COLUMN_NAME, convert(varchar(32),user_name(u.uid)) grantor, convert(varchar(32),user_name(o.uid)) grantee, convert (varchar(32),case v.number when 193 then 'SELECT' when 195 then 'INSERT' when 197 then 'UPDATE' else 'REFERENCES' end) PRIVILEGE, convert(varchar(3),'YES') IS_GRANTABLE from sysobjects o, master.dbo.spt_values v, sysusers u, syscolumns c where c.id = @table_id and c.name like @column_name and c.id = o.id and u.uid = 1 /* grantor is dbo of database */ and v.type = 'P' /* cross product to get all exposed privileges */ and v.number in (26,193,195,197) and not exists ( /* exclude revoke'd privileges */ select * from sysprotects p1 where p1.protecttype = 206 and p1.action = v.number and p1.id = o.id and p1.uid = o.uid) order by 4, 7 go if (charindex('7.00', @@version) = 0 and charindex('8.00', @@version) = 0) begin print '' print '' print 'Warning:' print 'you are installing the stored procedures ' print 'on a pre 8.0 SQL Server.' print 'Ignore the following errors.' end else drop proc sp_column_privileges go /* Procedure for 8.0 server */ CREATE PROCEDURE sp_column_privileges ( @table_name sysname, @table_owner sysname = null, @table_qualifier sysname = null, @column_name nvarchar(384) = null) /* 3*128 */ as declare @table_id int if @column_name is null /* If column name not supplied, match all */ select @column_name = '%' if @table_qualifier is not null begin if db_name() <> @table_qualifier begin /* If qualifier doesn't match current database */ raiserror (15250, -1,-1) return end end if @table_owner is null begin /* If unqualified table name */ select @table_id = object_id(quotename(@table_name)) end else begin /* Qualified table name */ if @table_owner = N'' begin /* If empty owner name */ select @table_id = 0 end else begin select @table_id = object_id(quotename(@table_owner) + '.' + quotename(@table_name)) end end select convert(sysname,db_name()) TABLE_QUALIFIER, convert(sysname,user_name(o.uid)) TABLE_OWNER, @table_name TABLE_NAME, convert(sysname,c.name) COLUMN_NAME, convert(sysname,user_name(p.grantor)) GRANTOR, convert(sysname,user_name(u.uid)) GRANTEE, convert (varchar(32),case p.action when 193 then 'SELECT' when 195 then 'INSERT' when 197 then 'UPDATE' else 'REFERENCES' end) PRIVILEGE, convert (varchar(3),case when p.protecttype = 205 then 'NO' else 'YES' end) IS_GRANTABLE from sysprotects p, sysobjects o, sysusers u, master.dbo.spt_values v, syscolumns c, sysmembers m where c.id = @table_id and c.name like @column_name and c.id = p.id and c.id = o.id and case substring(p.columns, 1, 1) & 1 when NULL then 255 /* all columns have permission */ when 0 then convert(tinyint, substring(p.columns, v.low, 1)) else (~convert(tinyint, isnull(substring(p.columns, v.low, 1),0))) end & v.high <> 0 /* permission applies to this column */ and v.number <= (select count(*) from syscolumns where id = @table_id) /* ranges from 1 to # of columns in table */ and v.type = N'P' and v.number = c.colid /* expand groups - AKUNDONE: only 1 level of group unrolling here. Need more?? */ and (u.uid > 0 and u.uid < 16384) and ((p.uid = u.uid) or (p.uid = m.groupuid and u.uid = m.memberuid)) and p.protecttype <> 206 /* only grant rows */ and p.action in (26,193,195,197) and o.uid <> u.uid /* no rows for owner */ and not exists ( /* exclude revoke'd privileges */ select * from sysprotects p1 where p1.protecttype = 206 and p1.action = p.action and p1.id = p.id and p1.uid = u.uid and case substring(p1.columns, 1, 1) & 1 when NULL then 255 /* all columns have permission */ when 0 then convert(tinyint, substring(p1.columns, v.low, 1)) else (~convert(tinyint,isnull(substring(p.columns, v.low, 1),0)))

Regis59 · Answer

Salut

Laisse le, il est ok. :)

Ou en sont tes soucis?

A+

loic42 · Answer

salut!!!

Bon je ne voudrais pas vendre la "peau de l'ours..." mais j'ai redemarré quelque fois depuis la derniere etape et mon PC s'eteint correctement!!!!

J'espere que le probleme est reglé mais en tous cas ca en a l'air!!!!

Merci pour ton acharnement sur ce probleme,ca m'a bien evité un formatage qui fait pas plaisir!

Je sais pas comment tu as trouvé chaque elements a supprimer dans ces listes interminable, mais en tous les cas : "Chapeau"!!!

Je te souhaite une bonne continuation!Et encore une fois g te dis un grand merci!!!Ta ete super!!!!

A+

Loïc

Regis59 · Answer

Salut

Y'as pas de quoi :)
Surtout, si tu as besoin, n hesites pas a revenir !

Merci pour ta patience et ta sympathie !

Bonne continuation :)

Infecté par registry cleaner

24 réponses

Newsletters