Virus Kill or Mskill
Solved/Closed
marcsaunier (Member) - June 6, 2006 at 16:36
elshan - December 28, 2007 at 20:35
32 replies
green day (Moderator, Security contributor) - June 6, 2006 at 17:04
Hi
Download this:
http://www.infos-du-net.com/telecharger/HijackThis.html = link
http://pageperso.aol.fr/balltrap34/demohijack.htm = demo
(Thanks to Balltrap)
Choose the option "do a scan and a logfile"; it will generate a report for you. Copy and paste it on the forum.
See you later
marcsaunier (Member) - June 6, 2006 at 19:17
Here is the report!!:
Logfile of HijackThis v1.99.1
Scan saved at 19:14:02, on 06/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
D:\Program Files\iPod\bin\iPodService.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\WINDOWS\ALCWZRD.EXE
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\Program Files\Siemens\Gigaset PC Card 108\GigasetWLANMonitor.exe
D:\Program Files\OLYMPUS\m-trip\Bin\m-tripLauncher.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\tvtvforPC\tvtvforPC.exe
D:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\sony\vaio entertainment\VzTrayIcon.exe
C:\Program Files\sony\VAIO Launcher\Launcher.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\explorer.exe
D:\Program Files\WowCartographe\WowCartographe.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\Outlook Express\msimn.exe
D:\Program Files\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.accoona.com/search_assistant/accoona_search_assistant.jsp?&utm_id=4000...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~2\COPERN~1.DLL
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Accoona - {364B6276-C6C1-40B6-A6D7-6C48871FD707} - (no file)
O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration740.dll
O3 - Toolbar: (no name) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Whatever] C:\DOCUME~1\Marc\LOCALS~1\Temp\torax.exe
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [VMConsole.exe] C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe /windowmin
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [dawn] C:\DOCUME~1\Marc\LOCALS~1\Temp\dawn.exe
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Washer] D:\Program Files\eMule\Incoming\washer\washer.exe /0
O4 - HKCU\..\Run: [PC SpeedScan Pro] D:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe -m
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: m-trip Launcher.lnk = D:\Program Files\OLYMPUS\m-trip\Bin\m-tripLauncher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: tvtvforPC.lnk = C:\Program Files\tvtvforPC\tvtvforPC.exe
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: État de l'enregistrement.lnk = C:\Program Files\sony\vaio entertainment\VzTrayIcon.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm414YYFR
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O18 - Protocol: bw+0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MrobeService - Unknown owner - C:\WINDOWS\system32\MRobeService.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
See you later
green day
Posts
26371
Registration date
Friday 30 September 2005
Status
Moderator, Security contributor
Last activity
27 December 2019
2 162
7 June 2006 at 00:13
Hi
OK,
Run HijackThis again: choose "do a scan only", tick the box in front of the lines below, and click "fix checked" at the bottom:
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~2\COPERN~1.DLL
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - (no file)
O3 - Toolbar: (no name) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - (no file)
O4 - HKLM\..\Run: [Whatever] C:\DOCUME~1\Marc\LOCALS~1\Temp\torax.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [dawn] C:\DOCUME~1\Marc\LOCALS~1\Temp\dawn.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm414YYFR
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O18 - Protocol: bw+0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {B1597466-CBAD-43A6-9F1E-DE11769AEB42} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
Search for and delete the files in bold:
ALCMTR.EXE
these two files in: C:\program files
Accoona
MyWebSearch
then:
*Download and install this; in the left-hand column click "erreurs" (errors), tick all the boxes, then click "chercher des erreurs" (scan for errors) at the bottom. Once it has finished, click "reparer les erreurs" (fix errors); you will get a message offering to back up your registry, answer "oui" (yes), then repeat until it finds no more errors.
*Restart CCleaner, go to the "nettoyeur" (cleaner) tab on the left, untick the last box (Advanced, if it is ticked), then click "lancer le nettoyage" (run cleaner).
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
tutorial: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
and finally, do steps 1/ and 2/ from this link, please:
Good luck, see you.
marcsaunier
7 June 2006 at 12:11
Perfect, it seems: BitDefender finds nothing to complain about.
There were 2 or 3 error messages while the "fix checked" was running, but after all the steps the antivirus confirms that the computer is completely clean.
Thank you very much for your help and for your quick replies.
Health, happiness, and see you!
green day
7 June 2006 at 17:40
Hi
Sounds good ;)
For what comes next:
Security: protecting a computer against Internet malware
See you
Hello!
For a few days now I have had an application named "kill" in my task manager.
What is it? Is it dangerous?
Thanks
green day
24 August 2007 at 22:01
Hi
Post a HijackThis report (see post 1)
See you
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:15, on 25/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe
C:\WINDOWS\system32\TFNF5.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\WINDOWS\svchost.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Flumich\LOCALS~1\Temp\Rar$EX00.975\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [That build] C:\DOCUME~1\Flumich\APPLIC~1\MPEGJU~1\Bias army.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
green day (Moderator, Security contributor), 25 August 2007 at 17:28
OK,
do you get ad pop-up windows?
See you
Yeah, from IE, and I can't get rid of them! Before, with Firefox, there were no problems, and since I had to reformat they keep coming back all the time in IE...
green day (Moderator, Security contributor), 25 August 2007 at 18:49
OK,
Download this (by Moe):
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
Double-click Lopxpsetup.exe to start the installation
At the menu, choose option 1
Wait until you are asked to press a key, then press one!
A report will then be created; copy and paste it in full on the forum.
See you
_____________ Rapport Lopxp fait le 26/08/2007 à 6:35:51
Exécuté dans : C:\Program Files\Lopxp
/!\ Attention /!\
Les résultats de ce rapport sont sujets à interprétations,
Et ne démontrent pas systématiquement des dossiers infectés...
___________________________________________________________________________
[1] -> Threads Internet Explorer
/!\ Suspect iexplore.exe pid: 620 5B0: C:\DOCUME~1\ALLUSE~1\APPLIC~1\DENTAM~1\ERRORE~1.EXE
___________________________________________________________________________
[2] -> Recherche présence de Messenger Plus!...
Messenger Plus! 2 N'est pas ou plus installé.
MessengerPlus! 3 N'est pas ou plus installé.
# Messenger Plus! Live : Présent !
/!\ Sponsor accepté lors de l'installation !
Date d'installation/Création du dossier: 14/08/2007 à 17:38
Dernière modification du dossier le: 14/08/2007 à 17:38
Recherche des dossiers crées le: 14/08/2007
C:\Program Files
14/08/2007 à 17:39 - - StuffPlug3
14/08/2007 à 17:38 - - mpeg jugs
14/08/2007 à 17:38 - - Adverts
14/08/2007 à 17:38 - - Windows Live
14/08/2007 à 17:38 - - Messenger Plus! Live
14/08/2007 à 17:35 - - MSN Messenger
14/08/2007 à 16:41 - - ..
14/08/2007 à 16:41 - - .
14/08/2007 à 16:41 - - Fichiers communs
14/08/2007 à 16:29 - - Lavasoft
14/08/2007 à 16:28 - - WinRAR
14/08/2007 à 16:27 - - Mozilla Firefox
14/08/2007 à 16:24 - - Apoint2K
14/08/2007 à 16:22 - - TOSHIBA
14/08/2007 à 16:03 - - Intel
14/08/2007 à 16:02 - - Analog Devices
14/08/2007 à 16:02 - - InstallShield Installation Information
14/08/2007 à 15:55 - - Uninstall Information
14/08/2007 à 15:51 - - xerox
14/08/2007 à 15:51 - - microsoft frontpage
14/08/2007 à 15:48 - - Movie Maker
14/08/2007 à 15:48 - - NetMeeting
14/08/2007 à 15:48 - - Outlook Express
14/08/2007 à 15:48 - - Internet Explorer
14/08/2007 à 15:47 - - ComPlus Applications
14/08/2007 à 15:47 - - WindowsUpdate
14/08/2007 à 15:47 - - Services en ligne
14/08/2007 à 15:47 - - Windows Media Player
14/08/2007 à 15:47 - - Messenger
14/08/2007 à 15:46 - - MSN Gaming Zone
14/08/2007 à 15:46 - - Windows NT
C:\Documents and Settings\All Users\Application Data
14/08/2007 à 17:39 - - Messenger Plus!
14/08/2007 à 17:39 - - Curb The Math Dent
14/08/2007 à 17:38 - - dent amok cash book
14/08/2007 à 16:40 - - Microsoft
14/08/2007 à 16:40 - - .
14/08/2007 à 16:40 - - ..
C:\Documents and Settings\Default User\Application Data
14/08/2007 à 16:40 - - ..
14/08/2007 à 16:40 - - Microsoft
14/08/2007 à 16:40 - - .
C:\Documents and Settings\Flumich\Application Data
14/08/2007 à 17:38 - - Macromedia
14/08/2007 à 17:38 - - mpeg jugs
14/08/2007 à 16:29 - - Lavasoft
14/08/2007 à 16:28 - - Mozilla
14/08/2007 à 15:55 - - Identities
14/08/2007 à 15:55 - - ..
14/08/2007 à 15:55 - - Microsoft
14/08/2007 à 15:55 - - .
C:\Documents and Settings\LocalService\Application Data
14/08/2007 à 15:54 - - ..
14/08/2007 à 15:54 - - Microsoft
14/08/2007 à 15:54 - - .
C:\Documents and Settings\NetworkService\Application Data
14/08/2007 à 15:54 - - ..
14/08/2007 à 15:54 - - Microsoft
14/08/2007 à 15:54 - - .
___________________________________________________________________________
[3] -> Tâches planifiées
ADF5067B91CEBA5F.job: c:\docume~1\flumich\applic~1\mpegju~1\Freenametrust.exe
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
/!\ Suspecte: -> C:\WINDOWS\tasks\ADF5067B91CEBA5F.job
___________________________________________________________________________
[4] -> Sponsor P2P
___________________________________________________________________________
[5] -> Listing des dossiers Application Data
C:\Documents and Settings\All Users\Application Data
24/08/2007 à 14:50 - - Apple
23/08/2007 à 16:47 - - Downloaded Installations
23/08/2007 à 15:30 - - Installations
18/08/2007 à 16:38 - - FaxCtr
18/08/2007 à 15:41 - - Microsoft Help
18/08/2007 à 15:14 - - Adobe
15/08/2007 à 16:45 - - Windows Genuine Advantage
14/08/2007 à 17:39 - - Messenger Plus!
14/08/2007 à 17:39 - - Curb The Math Dent
14/08/2007 à 17:38 - - dent amok cash book
14/08/2007 à 16:40 - - Microsoft
C:\Documents and Settings\Flumich\Application Data
23/08/2007 à 15:33 - - PC Suite
20/08/2007 à 21:20 - - Talkback
18/08/2007 à 16:42 - - FaxCtr
18/08/2007 à 16:28 - - Adobe
15/08/2007 à 15:35 - - vlc
15/08/2007 à 15:02 - - WinRAR
14/08/2007 à 17:38 - - Macromedia
14/08/2007 à 17:38 - - mpeg jugs
14/08/2007 à 16:29 - - Lavasoft
14/08/2007 à 16:28 - - Mozilla
14/08/2007 à 15:55 - - Identities
14/08/2007 à 15:55 - - Microsoft
C:\Documents and Settings\Flumich\Local Settings\Application Data
24/08/2007 à 14:50 - - Apple
24/08/2007 à 14:49 - - Apple Computer
18/08/2007 à 15:42 - - Microsoft Help
18/08/2007 à 15:15 - - Adobe
14/08/2007 à 16:28 - - Mozilla
14/08/2007 à 15:55 - - Microsoft
___________________________________________________________________________
[6] -> Listing du dossier Program Files
C:\Program Files
26/08/2007 à 06:34 - - Lopxp
24/08/2007 à 14:50 - - Apple Software Update
23/08/2007 à 16:45 - - SuperCopier2
23/08/2007 à 15:33 - - DIFX
23/08/2007 à 15:32 - - PC Connectivity Solution
18/08/2007 à 17:10 - - eMule
18/08/2007 à 16:38 - - Lexmark Fax Solutions
18/08/2007 à 15:50 - - Microsoft Works
18/08/2007 à 15:50 - - MSBuild
18/08/2007 à 15:49 - - Microsoft Visual Studio
18/08/2007 à 15:41 - - Microsoft Office
18/08/2007 à 15:14 - - Adobe
18/08/2007 à 14:46 - - Windows Media Connect 2
15/08/2007 à 15:32 - - VideoLAN
15/08/2007 à 15:03 - - VirtualDJ
14/08/2007 à 17:39 - - StuffPlug3
14/08/2007 à 17:38 - - mpeg jugs
14/08/2007 à 17:38 - - Adverts
14/08/2007 à 17:38 - - Windows Live
14/08/2007 à 17:38 - - Messenger Plus! Live
14/08/2007 à 17:35 - - MSN Messenger
14/08/2007 à 16:41 - - Fichiers communs
14/08/2007 à 16:29 - - Lavasoft
14/08/2007 à 16:28 - - WinRAR
14/08/2007 à 16:27 - - Mozilla Firefox
14/08/2007 à 16:24 - - Apoint2K
14/08/2007 à 16:22 - - TOSHIBA
14/08/2007 à 16:03 - - Intel
14/08/2007 à 16:02 - - Analog Devices
14/08/2007 à 16:02 - - InstallShield Installation Information
14/08/2007 à 15:55 - - Uninstall Information
14/08/2007 à 15:51 - - xerox
14/08/2007 à 15:51 - - microsoft frontpage
14/08/2007 à 15:48 - - Movie Maker
14/08/2007 à 15:48 - - NetMeeting
14/08/2007 à 15:48 - - Outlook Express
14/08/2007 à 15:48 - - Internet Explorer
14/08/2007 à 15:47 - - ComPlus Applications
14/08/2007 à 15:47 - - WindowsUpdate
14/08/2007 à 15:47 - - Services en ligne
14/08/2007 à 15:47 - - Windows Media Player
14/08/2007 à 15:47 - - Messenger
14/08/2007 à 15:46 - - MSN Gaming Zone
14/08/2007 à 15:46 - - Windows NT
___________________________________________________________________________
[7] -> Clés registre de démarrage
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
That build REG_SZ C:\DOCUME~1\Flumich\APPLIC~1\MPEGJU~1\Bias army.exe
___________________________________________________________________________
[8] -> Popups autorisés
# Internet Explorer
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
# Mozilla Firefox (1 autorisé 2 interdit)
host popup 1 www.agencesdes4fontaines.com
# Suite Mozilla / SeaMonkey (1 autorisé 2 interdit)
___________________________________________________________________________
[9] -> Suggestion nettoyage registre
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"That build"=-
----------------------------------------------------------> Fin du rapport
I also get this error message at the end of every software installation:
Impossible d'ouvrir la clé
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run.
Vérifiez que vous disposez des droits suffisants pour cette clé ou contactez votre service de support technique.
green day (Moderator, Security contributor), 26 August 2007 at 16:18
Hi
Launch HijackThis and click [Do a system scan only]
Tick the box at the start of the following lines:
O4 - HKCU\..\Run: [That build] C:\DOCUME~1\Flumich\APPLIC~1\MPEGJU~1\Bias army.exe
Confirm by clicking the [Fix Checked] button
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
Next, go to Start > Run. Type cmd and confirm with OK.
In the window that opens, copy and paste this:
del /a C:\WINDOWS\tasks\ADF5067B91CEBA5F.job
This deletes the scheduled task. Just replace the string in bold with the one found in LopXP (there may be more than one)
and confirm by pressing Enter
And finally, please do what is described here:
Virus: preliminary disinfection method (French version)
See you
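Added example, not part of the thread or of either tool: a small triage script that reads HijackThis O4 autorun lines and the Lopxp scheduled-task section, and groups every entry whose executable sits under a profile's Application Data folder, which is how the Run value and the .job file removed above relate to each other. The function names and the Application Data heuristic are assumptions made for this illustration; the sample lines are copied from the two reports posted in this thread.

```python
import re
from collections import defaultdict
from ntpath import dirname, normcase  # Windows path rules, usable on any OS

# Constructed sample: lines copied from the HijackThis and Lopxp reports in this thread.
HIJACKTHIS_LOG = r"""
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [That build] C:\DOCUME~1\Flumich\APPLIC~1\MPEGJU~1\Bias army.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
"""
LOPXP_TASKS = r"""
ADF5067B91CEBA5F.job: c:\docume~1\flumich\applic~1\mpegju~1\Freenametrust.exe
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
"""

# O4 registry autoruns: "O4 - <hive>\..\Run: [value name] command line"
RUN_RE = re.compile(r"^O4 - \S+\\\.\.\\Run\w*: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# O4 Startup-folder shortcuts: "O4 - Startup: name.lnk = target"
STARTUP_RE = re.compile(r"^O4 - (?:Global )?Startup: (?P<name>.+?) = (?P<cmd>.+)$")
# Lopxp task lines: "<name>.job: command line"
TASK_RE = re.compile(r"^(?P<name>[^:]+\.job): (?P<cmd>.+)$")
# Executable part of a command line: quoted path, or everything up to the first ".exe"
EXE_RE = re.compile(r'^"([^"]+)"|^(.+?\.exe)\b', re.IGNORECASE)
# Heuristic (assumption): long or 8.3 short form of an "Application Data" path component
APPDATA_RE = re.compile(r"\\(application data|applic~\d)\\")


def exe_path(cmd):
    """Return the executable path from a command line, without arguments or suffixes."""
    m = EXE_RE.match(cmd.strip())
    return (m.group(1) or m.group(2)) if m else None


def parse_lines(text, patterns, kind):
    """Yield (kind, name, exe) for every line matching one of the patterns."""
    for line in text.splitlines():
        for pattern in patterns:
            m = pattern.match(line.strip())
            if m and exe_path(m.group("cmd")):
                yield kind, m.group("name"), exe_path(m.group("cmd"))
                break


def in_app_data(path):
    """True when the path runs from a profile's Application Data folder."""
    return bool(APPDATA_RE.search(normcase(path)))


def triage(hijackthis_log, task_section):
    """Group flagged autoruns and tasks by the folder they launch from.

    Paths are compared case-insensitively. Short (MPEGJU~1) and long
    (mpeg jugs) names are not resolved to each other, since that needs
    the live file system.
    """
    entries = list(parse_lines(hijackthis_log, (RUN_RE, STARTUP_RE), "autorun"))
    entries += list(parse_lines(task_section, (TASK_RE,), "task"))
    by_folder = defaultdict(list)
    for kind, name, exe in entries:
        if in_app_data(exe):
            by_folder[normcase(dirname(exe))].append((kind, name, exe))
    return dict(by_folder)


if __name__ == "__main__":
    for folder, found in triage(HIJACKTHIS_LOG, LOPXP_TASKS).items():
        print(folder)
        for kind, name, exe in found:
            print(f"  {kind:8} {name} -> {exe}")
```

Both flagged items land in the same folder, so a cleanup that removes only the Run value leaves the scheduled task able to relaunch a file from that folder.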
I preferred to post my reports here ;)
Because elsewhere I get brushed off on the grounds that I'm posting for no reason
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 10:34:34 30/08/2007
+ Résultat de l'analyse:
D:\RECYCLER\S-1-5-21-1177238915-1708537768-854245398-1003\Dd57.rar/Passe.exe -> Backdoor.Optix.Pro.i : Aucune action entreprise.
C:\Documents and Settings\Flumich\Local Settings\Application Data\Mozilla\Firefox\Profiles\m087ic7v.default\Cache\BC62D28Cd01 -> Not-A-Virus.Downloader.Win32.WinFixer.q : Aucune action entreprise.
C:\Documents and Settings\Flumich\Cookies\flumich@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Flumich\Cookies\flumich@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Documents and Settings\Flumich\Cookies\flumich@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Flumich\Cookies\flumich@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
C:\Program Files\Adverts\uninst.exe -> Trojan.Obfuscated.en : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP143\A0005839.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP144\A0005875.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP145\A0005899.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP146\A0005906.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP147\A0005913.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0005920.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0006514.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0006515.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0006516.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006517.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006531.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006565.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006613.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\WINDOWS\Session.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\WINDOWS\system32\FileKan.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\WINDOWS\system32\SocksA.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\tel.xls.exe -> Trojan.VB.atg : Aucune action entreprise.
D:\tel.xls.exe -> Trojan.VB.atg : Aucune action entreprise.
Fin du rapport
BitDefender Online Scanner
Scan report generated at: Thu, Aug 30, 2007 - 12:14:40
Scan path: C:\;D:\;E:\;
Statistics
Time: 01:33:14
Files: 211566
Folders: 4407
Boot Sectors: 3
Archives: 2069
Packed Files: 19806
Results
Identified Viruses: 8
Infected Files: 55
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 54
Engines Info
Virus Definitions: 750540
Engine build: AVCORE v1.0 (build 2411) (i386) (Jul 9 2007 12:10:22)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\Documents and Settings\All Users\Application Data\dent amok cash book\Error Exit.exe
Infected with: Trojan.FatObfus.AF
C:\Documents and Settings\All Users\Application Data\dent amok cash book\Error Exit.exe
Disinfection failed
C:\Documents and Settings\All Users\Application Data\dent amok cash book\Error Exit.exe
Delete failed
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\64movemp3eggs.exe
Infected with: Trojan.FatObfus.AG
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\64movemp3eggs.exe
Deleted
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\aphlsdfv.exe
Infected with: Trojan.FatObfus.AF
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\aphlsdfv.exe
Deleted
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\Bias army.exe
Infected with: Trojan.FatObfus.2.Gen
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\Bias army.exe
Disinfection failed
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\Bias army.exe
Deleted
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\Freenametrust.exe
Infected with: Trojan.Obfuscated.GZ
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\Freenametrust.exe
Disinfection failed
C:\Documents and Settings\Flumich\Application Data\mpeg jugs\Freenametrust.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP118\A0004339.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP118\A0004339.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP118\A0004340.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP118\A0004340.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP118\A0004340.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP118\A0004723.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP118\A0004723.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP120\A0004817.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP120\A0004817.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP120\A0004820.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP120\A0004820.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP120\A0004820.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP127\A0004922.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP127\A0004922.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP128\A0005116.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP128\A0005116.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP133\A0005213.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP133\A0005213.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP134\A0005229.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP134\A0005229.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP136\A0005260.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP136\A0005260.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP136\A0005260.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP136\A0005441.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP136\A0005441.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP137\A0005450.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP137\A0005450.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP137\A0005451.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP137\A0005451.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP137\A0005451.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP138\A0005456.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP138\A0005456.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP138\A0005465.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP138\A0005465.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP138\A0005465.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP138\A0005475.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP138\A0005475.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP138\A0005774.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP138\A0005774.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP139\A0005805.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP139\A0005805.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP139\A0005806.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP139\A0005806.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP139\A0005806.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP140\A0005809.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP140\A0005809.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP140\A0005811.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP140\A0005811.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP140\A0005811.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP140\A0005819.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP140\A0005819.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP141\A0005825.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP141\A0005825.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP144\A0005882.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP144\A0005882.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP144\A0005882.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP144\A0005883.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP144\A0005883.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP145\A0005903.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP145\A0005903.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP145\A0005905.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP145\A0005905.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP145\A0005905.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP146\A0005910.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP146\A0005910.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP146\A0005912.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP146\A0005912.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP146\A0005912.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP147\A0005917.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP147\A0005917.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP147\A0005918.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP147\A0005918.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP147\A0005918.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0005924.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0005924.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0005977.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0005977.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0005977.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006557.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006557.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006568.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006568.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006614.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006614.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006614.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006616.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006616.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006618.exe
Infected with: Trojan.FatObfus.Gen
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006618.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006618.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006619.exe
Infected with: Trojan.Vb.ATG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006619.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006619.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006620.exe
Infected with: Trojan.Vb.ATG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006620.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006620.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006621.exe
Infected with: Trojan.Vb.ATG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006621.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006621.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006622.exe
Infected with: Trojan.Vb.ATG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006622.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006622.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006623.exe
Infected with: Trojan.FatObfus.AG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006623.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006624.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006624.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006625.exe
Infected with: Trojan.FatObfus.2.Gen
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006625.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006625.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006626.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006626.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006626.exe
Deleted
D:\Logiciels\Setup\Keylogger\keygen keylogger.exe
Infected with: Trojan.Spy.Agent.Y
D:\Logiciels\Setup\Keylogger\keygen keylogger.exe
Disinfection failed
D:\Logiciels\Setup\Keylogger\keygen keylogger.exe
Deleted
D:\Logiciels\Setup\Keylogger\Keylogger.exe
Infected with: Trojan.Spy.Agent.Y
D:\Logiciels\Setup\Keylogger\Keylogger.exe
Disinfection failed
D:\Logiciels\Setup\Keylogger\Keylogger.exe
Deleted
D:\Logiciels\Setup\Virtual DJ.rar=>virtualdj.exe
Infected with: Backdoor.Pcclient.GV
D:\Logiciels\Setup\Virtual DJ.rar=>virtualdj.exe
Disinfection failed
D:\Logiciels\Setup\Virtual DJ.rar=>virtualdj.exe
Deleted
D:\Logiciels\Setup\Virtual DJ.rar
Update failed
D:\Logiciels\Setup\virtualdj.exe
Infected with: Backdoor.Pcclient.GV
D:\Logiciels\Setup\virtualdj.exe
Disinfection failed
D:\Logiciels\Setup\virtualdj.exe
Deleted
End of the BitDefender online scan
Logfile of HijackThis v1.99.1
Scan saved at 16:26:34, on 30/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Hijackthis\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [That build] C:\DOCUME~1\Flumich\APPLIC~1\MPEGJU~1\Bias army.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WEP key recovery service (WZCOOK) - Unknown owner - D:\Logiciels\Setup\Windows Wifi Collection (aircrack, airsnort, airopeek) [and keygen]\aircrack_2.1_win32\wzcook.exe" (file missing)
Because elsewhere I get given the runaround, on the grounds that I'm posting for no reason
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 10:34:34 30/08/2007
+ Résultat de l'analyse:
D:\RECYCLER\S-1-5-21-1177238915-1708537768-854245398-1003\Dd57.rar/Passe.exe -> Backdoor.Optix.Pro.i : Aucune action entreprise.
C:\Documents and Settings\Flumich\Local Settings\Application Data\Mozilla\Firefox\Profiles\m087ic7v.default\Cache\BC62D28Cd01 -> Not-A-Virus.Downloader.Win32.WinFixer.q : Aucune action entreprise.
C:\Documents and Settings\Flumich\Cookies\flumich@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Flumich\Cookies\flumich@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Documents and Settings\Flumich\Cookies\flumich@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Flumich\Cookies\flumich@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
C:\Program Files\Adverts\uninst.exe -> Trojan.Obfuscated.en : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP143\A0005839.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP144\A0005875.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP145\A0005899.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP146\A0005906.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP147\A0005913.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0005920.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0006514.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0006515.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP148\A0006516.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006517.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006531.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006565.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP149\A0006613.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\WINDOWS\Session.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\WINDOWS\system32\FileKan.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\WINDOWS\system32\SocksA.exe -> Trojan.VB.atg : Aucune action entreprise.
C:\tel.xls.exe -> Trojan.VB.atg : Aucune action entreprise.
D:\tel.xls.exe -> Trojan.VB.atg : Aucune action entreprise.
Fin du rapport
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006616.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006618.exe
Infected with: Trojan.FatObfus.Gen
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006618.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006618.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006619.exe
Infected with: Trojan.Vb.ATG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006619.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006619.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006620.exe
Infected with: Trojan.Vb.ATG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006620.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006620.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006621.exe
Infected with: Trojan.Vb.ATG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006621.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006621.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006622.exe
Infected with: Trojan.Vb.ATG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006622.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006622.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006623.exe
Infected with: Trojan.FatObfus.AG
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006623.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006624.exe
Infected with: Trojan.FatObfus.AF
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006624.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006625.exe
Infected with: Trojan.FatObfus.2.Gen
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006625.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006625.exe
Deleted
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006626.exe
Infected with: Trojan.Obfuscated.GZ
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006626.exe
Disinfection failed
C:\System Volume Information\_restore{99B1B2E8-FE67-4AB9-ADC3-D912907C0B61}\RP150\A0006626.exe
Deleted
D:\Logiciels\Setup\Keylogger\keygen keylogger.exe
Infected with: Trojan.Spy.Agent.Y
D:\Logiciels\Setup\Keylogger\keygen keylogger.exe
Disinfection failed
D:\Logiciels\Setup\Keylogger\keygen keylogger.exe
Deleted
D:\Logiciels\Setup\Keylogger\Keylogger.exe
Infected with: Trojan.Spy.Agent.Y
D:\Logiciels\Setup\Keylogger\Keylogger.exe
Disinfection failed
D:\Logiciels\Setup\Keylogger\Keylogger.exe
Deleted
D:\Logiciels\Setup\Virtual DJ.rar=>virtualdj.exe
Infected with: Backdoor.Pcclient.GV
D:\Logiciels\Setup\Virtual DJ.rar=>virtualdj.exe
Disinfection failed
D:\Logiciels\Setup\Virtual DJ.rar=>virtualdj.exe
Deleted
D:\Logiciels\Setup\Virtual DJ.rar
Update failed
D:\Logiciels\Setup\virtualdj.exe
Infected with: Backdoor.Pcclient.GV
D:\Logiciels\Setup\virtualdj.exe
Disinfection failed
D:\Logiciels\Setup\virtualdj.exe
Deleted
End of the BitDefender online scan
Logfile of HijackThis v1.99.1
Scan saved at 16:26:34, on 30/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Hijackthis\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [That build] C:\DOCUME~1\Flumich\APPLIC~1\MPEGJU~1\Bias army.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WEP key recovery service (WZCOOK) - Unknown owner - D:\Logiciels\Setup\Windows Wifi Collection (aircrack, airsnort, airopeek) [and keygen]\aircrack_2.1_win32\wzcook.exe" (file missing)
green day
30 August 2007 at 18:19
Hi
How is the situation coming along???
++
Well, "kill" has apparently disappeared and I no longer have any trouble installing anything ...
but I'd like to know whether my PC is doing better, to be sure that nothing is still lying dormant in it, if you see what I mean ....
;)
green day
30 August 2007 at 20:13
Fix this line: O4 - HKCU\..\Run: [That build] C:\DOCUME~1\Flumich\APPLIC~1\MPEGJU~1\Bias army.exe
Otherwise, as far as I'm concerned everything is OK!
@+
green day
30 August 2007 at 20:21
One last detail! :)
Install an antivirus and a firewall!!!
See here:
Security: protecting a computer against Internet malware
@+
;-)