[Virus] Infecté par spy trojan-spy.win32@mx Résolu/Fermé

Question

Bonjour je pense bien avoir un virus sur mon ordinateur.
Il affiche une bulle dans ma barre de taches où il est écrit 
system alert : trojan-spy.win32@mx
Type: spywaretrojan
etc...
J'ai lancé spybot, adaware, norton etc et rien n'y a fait
j'ai vu sur certains sujets que mon probleme n'est pas unique et qu'il faut vous remettre le logfile de hijackthis, alors voici :

Logfile of HijackThis v1.99.1
Scan saved at 20:53:13, on 05/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
Z:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus
avapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Video ActiveX Object\pmsngr.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
Z:\Program Files\WinAmp\winampa.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\FreeGo\FreeGo.exe
Z:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
Z:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Eurobarre\eb.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
Z:\Program Files\eChanblard\emule.exe
Z:\Program Files\Mozilla Firefox\firefox.exe
Z:\Programmes\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: (no name) - {96ebbe6a-2864-4345-b32b-26ee9be524b5} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\PINNAC~1\PPE\PPE.EXE
O4 - HKLM\..\Run: [WinampAgent] Z:\Program Files\WinAmp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [FreeGo] C:\Program Files\FreeGo\FreeGo.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WeatherWatcher] Z:\Program Files\Weather Watcher\ww.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = Z:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = Z:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: IE Booster Copy Meister - res://C:\Program Files\IE Booster 2\ieb.dll/copy-wiz.ieb
O8 - Extra context menu item: IE Booster Interactive HTML Detective - res://C:\Program Files\IE Booster 2\ieb.dll/contextmenu.ieb
O8 - Extra context menu item: IE Booster List Images - res://C:\Program Files\IE Booster 2\ieb.dll/ImagesModule.ieb
O8 - Extra context menu item: IE Booster List Links - res://C:\Program Files\IE Booster 2\ieb.dll/LinksModule.ieb
O8 - Extra context menu item: IE Booster Open Frame In New Window - res://C:\Program Files\IE Booster 2\ieb.dll/open-frame-in-new-window.ieb
O8 - Extra context menu item: IE Booster Open Frame In This Window - res://C:\Program Files\IE Booster 2\ieb.dll/open-frame-in-new-window.ieb
O8 - Extra context menu item: IE Booster Web Page Analyzer - res://C:\Program Files\IE Booster 2\ieb.dll/element.ieb
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: show/hide IEB Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra 'Tools' menuitem: IE Booster Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Page Analysis - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://C:\Program Files\IE Booster 2\ieb.dll/ieb2.ieb (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: IE Booster Web Page Analyzer - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://C:\Program Files\IE Booster 2\ieb.dll/ieb2.ieb (file missing) (HKCU)
O9 - Extra button: HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://C:\Program Files\IE Booster 2\ieb.dll/contextmenu.ieb (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: IE Booster Interactive HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://C:\Program Files\IE Booster 2\ieb.dll/contextmenu.ieb (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/610481.exe
O18 - Protocol: bw+0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {5CE67134-EF1E-4128-B6CE-E22DBEA23819} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - C:\WINDOWS\system32\vcehaeb.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - Z:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus
avapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcappcapd.exe" -d -f "%ProgramFiles%\WinPcappcapd.ini (file missing)
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe







J'espère que vous pourrez m'aider parce que mon ordi est assailli par les pubs et très ralenti aussi d'ailleurs, et en plus il y a ces bulles qui refusent de disparaitre.
Merci

livetliz · Accepted Answer

Alors Régis? Qu'est-ce que t'en dis? C'est bon ou pas?

Regis59 · Answer

Salut,

Télécharge ceci: (merci a S!RI pour ce programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, il va générer un rapport
Copie/colle le sur le poste stp.

A+

Regis59 · Answer

Ok !

Démarre en mode sans échec : 
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter 
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée. 
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal ! 
(Si F8 ne marche pas utilise la touche F5).  
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum

A+

malick · Answer

Pareil pour moi, ma barre des tâches affiches deux messages d'alerte (Attention danger triangle jaune) me disant system alert: Malware threats pour l'un et Critical system errors pour l'autre à chaque fois que je click dessus clic droit ou gauche ça me renvoie vers une page internet pour dowloader un de leur logiciel...(mais je ne tomberai pas dans leur piège lol)

J'ai lancer bit defender mais ça n'a pas résolue le problème...aidez moi svp...
j'en ai marre de ces bulles d'alertes qui s'affiche sur mon bureau... satané virus trojan, il faut que je l'éradique de mon pc...

livetliz · Answer

Alors là il faut qu'on m'explique:
j'ai redemarré en mode sans echec (jusque là tout va bien), puis je lance smitfraud mais là quelques lignes s'affichent qui disent toutes : "le chemin d'accés spécifié est introuvable" mais ça ne l'empeche pas de continuer. Là, je fais le choix 2 comme tu m'as dit, et il lance son truc mais réécrit ses mêmes phrases puis affiche l'écran de bureau tout simple (c'est-à-dire avec juste les "mode sans echec" aux 4 coins et sans la barre des taches) et reste comme ça (j'ai attendu quelques minutes avant de redémarrer) et je n'ai pas eu à répondre oui à quoi que ce soit comme tu m'as dit.
Et c'est pas tout, voilà que je redémarre en mode normal pour t'expliquer mon problème et maintenant voilà aussi que ce probleme de trojan-spy machin n'apparait plus...
Je comprends pas, dis moi si c'est normal et maintenant sûr ou si c'est juste bizarre.

livetliz · Answer

y a plus personne?

liv · Answer

mais où est donc regis59???

Regis59 · Answer

Salut

Je repondais aux autres lol

Tu peux me redonner le rapport option 1?

La demarche n'est pas normale

a+

Regis59 · Answer

Salut

Super, la désinfection a fonctionné.

Peux tu remettre un HijackThis?

a+

Regis59 · Answer

Salut,

¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :

O3 - Toolbar: (no name) - {96ebbe6a-2864-4345-b32b-26ee9be524b5} - (no file) 

Ferme HJT

Dis moi ou en sont tes soucis?

A+

Regis59 · Answer

Salut

Mdr, on ne m avait encore jamais comparé HijackThis a une feuille de thé :-P

Pour moi, le log est ok, en quoi puis je t etre utile?

A+

Regis59 · Answer

Salut livetliz,

Etant donné que l'on s'est deja cotoyé, appelle moi par mon prenom : Quentin ;)

Merci pour tes compliments ! J'apprecie aider les personnes aussi sympathiques que toi.

Pour ton autre soucis, donne moi autant de precisions que possible, je vais essayer de regarder.

A+

livetliz · Answer

Salut Quentin (d'ailleurs, faudra que tu m'expliques pourquoi ton pseudo est "Regis"59...).
Tu peux m'appeler Olivier si tu veux (moi, y a un rapport dans mon pseudo au moins... O"liv"ier).
Bref, j'ai plus ou moins résolu mon problème. Celui-ci est que je voulais transférer des données (musiques, images, etc) de mon portable (Sagem My600x) vers mon pc et inversement via le BlueTooth. J'ai donc acheté une clé USB BlueTooth que j'ai connectée à mon pc et avec le logiciel BlueSoleil fourni avec, j'ai pu connecter mes deux appareils ensemble. Ainsi, je peux envoyer les données de mon portable vers mon pc mais le probleme est que je ne peux pas faire l'inverse. J'ai donc essayé de trouver une solution sur internet mais j'ai juste remarqué que beaucoup de personnes ont ce même probleme.
Mais comme je t'ai dit, j'ai plus ou moins résolu celui-ci. En effet, j'ai connecté le portable de ma copine (Samsung E360E) à mon pc (toujours par le BlueTooth) et j'ai remarqué qu'à la différence de la connexion avec mon portable, avec le sien, il y a une icône supplémentaire qui apparaît. Cette icône s'appelle "le service de transfert des fichiers" et quand je clique dessus, ça ouvre une fenêtre ou je peux voir tous les fichiers présents sur le portable de ma copine mais sans pour autant pouvoir lui en envoyer.
Et c'est là que j'ai eu mon éclair d'intelligence !!!
Je me suis dit : "si, de cette fenêtre, je peux télécharger les fichiers du portable sur le pc, peut-être qu'en copiant les fichiers du pc sur cette fenêtre, je pourrais les envoyer sur le portable!"
J'ai donc mis en pratique cette merveilleuse idée, et ça a marché !!!
J'ai donc toujours ce problème avec mon portable mais comme je peux transférer les fichiers que je veux sur le portable de ma copine et, de là, les envoyer par BlueTooth sur MON portable, le problème est plus ou moins résolu.
Voilà, t'as tout saisi? Je n'ai pas trouvé LA solution, mais UNE solution qui fonctionne.
Je n'ai donc pas vraiment besoin de ton aide sur ce coup, sauf si tu sais comment je pourrais directement transférer du pc vers mon portable. Enfin merci quand même, mais ne t'inquiète pas, dès que j'ai un problème, je m'arrange pour t'en faire part (d'ailleurs, je ne sais pas comment ça marche, mais y a-t-il un moyen de te contacter directement?).
Enfin, je voulais te dire que j'ai bizarrement hâte d'avoir à nouveau un virus ou quelque chose d'autre, juste pour pouvoir te demander de l'aide et ressentir cette joie indescriptible qui survient quand ton ordi est de nouveau libre, tu vois de quoi je parle?

Regis59 · Answer

Salut Olivier,

Pourquoi Regis59?

A la base, il y a longtemps j'etais venu pour me faire desinfecter. J'etais en temps qu'helpé. J'ai pris le prenom de mon père pour former mon pseudo afin d'etre aidé.
Ensuite, c'est moi qui a aidé mais j'ai gardé le meme pseudo.

Pour ton soucis, est ce que tu t es renseigné aupres d un vendeur chez France Telecom par exemple?

Me contacter? Oui ici.

Enfin, je voulais te dire que j'ai bizarrement hâte d'avoir à nouveau un virus ou quelque chose d'autre, juste pour pouvoir te demander de l'aide et ressentir cette joie indescriptible qui survient quand ton ordi est de nouveau libre, tu vois de quoi je parle?

Oh oui, car moi aussi j ai eu de nombreux soucis du aux infections ! Maintenant ca ne me fait plus peur mais avant quelle trousse que j avais !!! C'etait une joie, une liberation, un soulagement de nettoyer mon pc lol

A+

livetliz · Answer

Bonnes fêtes et meileurs voeux à toi Quentin et continue d'aider tout le monde comme tu le fais.

Regis59 · Answer

Salut Olivier,

Meilleurs voeux a toi également et je te souhaite une bonne et heureuse année 2007.

Ca fait très plaisir de revoir des personnes qu'on a aidé, merci beaucoup.

Bonne soirée

livetliz · Answer

Salut Quentin, j'aimerais savoir si tu t'y connais un peu dans les montages vidéo. En effet, j'aimerais incruster une image derrière des personnages filmés sur fond vert avec Pinnacle Studio 10 Plus. Mais je n'y arrive pas, tout ce que j'ai, c'est le fond vert qui devient noir, et l'image qui clignote.
Si tu pouvais m'aider ou me rediriger vers quelqu'un ou quelque part, ça serait super.
Merci.

Regis59 · Answer

Salut Olivier,

Non pas trop..mais bon on va trouver !

Deja, as tu demandé dans la section Logiciel?Graphisme/Photo?vidéo numérique?
Tu veux faire ca avec pinacle ou un autre logiciel?

A+

livetliz · Answer

Je n'ai pas encore cherché ailleurs sur CCM, tu es le premier à qui je m'adresse en cas de problème... Je vais y aller voir. Et oui, c'est avec Pinnacle que je compte faire ça, sauf si on me conseille un meilleur logiciel.

livetliz · Answer

C'est bon, j'ai trouvé!!
Tu sais où? Dans la rubrique d'aide du logiciel...
Je te prierais de ne pas faire de commentaires, OK? Je sais, j'aurais dû y regarder dès le début, mais bon, on peut pas penser à tout. En tout cas, merci de ta disponibilité et de ton implication (en gros, t'as répondu vite et t'as essayé de m'aider).
Encore merci.
Ciao Quentin.

Regis59 · Answer

Re Olivier,

Souvent, personne n y regarde dans ces aides mdr

C'est une vidéo de quoi?

A+

livetliz · Answer

C'est une vidéo que fait ma copine qui est animatrice en centre. Elle tourne une histoire qu'elle a écrit avec ses gamins et moi je fais le montage (avec des effets spéciaux).
Elle veut faire ça bien parce qu'elle dit qu'elle en a marre de voir des vidéos faites dans des centres qui racontent une histoire magnifique mais avec les décors de la cour, des salles de jeux. Là, elle veut faire voyager les gens, tu vois.
C'est un beau projet ambitieux et tout à fait réalisable, alors je l'aide ed bon coeur.
Voilà.

Regis59 · Answer

Oh, ca semble etre un beau projet, et bien je te souhaite beau courage.
Je t'avoue qu il a rien de plus beau qu une vidéo super bien faite.
Prends ton temps en tout cas, ne bacle pas et fais voyager tout le monde !

Montre ce que l on peut faire avec l informatique ;)

A+

livetliz · Answer

Merci de ton soutien, il m'en faudra parce que j'ai lu le scénario, ça va être long. Et je sais pas si tu as déjà monter un film mais c'est très long et répétitif...
Ciao

Regis59 · Answer

Salut

Je n'ai fait que quelques montages photos, et c'était deja très long. J'imagine les séquences a enchainer, ca va etre encore plus long.

Courage ! ;)

Ciao

livetliz · Answer

Salut Quentin, je suis de retour, comment ça va depuis le temps?

D'abord, les nouvelles : j'ai commencé le montage et c'est effectivement très long mais c'est super intéressant et ça fait plaisir quand tu vois le montage final d'une scène. C'est dur mais c'est cool.

Sinon, je voulais te demander surtout un renseignement (non, je n'ai pas de problème cette fois). En fait, je souhaiterais changer d'ordinateur, j'ai un portable actuellement et j'aimerais acheter un ordinateur de bureau. Mais je ne m'y connais pas particulièrement bien, et j'ai vu qu'il valait mieux que j'évite d'acheter un pc déjà monté qui avait Windows Vista (parce qu'il paraît que c'est juste une énorme arnaque) et qu'il fallait plutôt que j'en fasse assembler un moi-même avec les pièces que j'aurais choisies à LDLC (c'est ce que l'on m'a recommandé, vu que j'habite à Lyon). Le truc c'est que je ne sais pas du tout comment choisir ces pièces et c'est là que j'aimerais que tu me renseignes.
Ma config' actuelle : 
Système : Microsoft Windows XP Edition familiale
                    Version 2002 Service Pack 2
Ordinateur : Mobile Intel
                        Celeron CPU 2.40GHz
                        760 Mo de RAM (j'ai rajouté 512 Mo dernièrement)
Je ne sais pas ce qu'il faut choisir pour la carte graphique, etc.
En gros, j'ai besoin de quelque chose de suffisamment puissant pour pouvoir faire mes montages sans que ça rame, que mon ordi soit rapide, qu'il soit capable de faire plusieurs choses en même temps...
Et aussi est-ce que tu sais si je peux choisir le système d'exploitation que je mettrai dessus, par exemple, est-ce que je peux acheter Windows XP Pro ou est-ce que je dois me coltiner Vista?
J'ai le cd d'installation ed Windows XP Familial que j'ai eu avec mon ordi portable, est-ce que je pourrais l'installer sur cet ordi que je vais assembler? Et quelle est la différence entre XP PRO et Familial? Ou peut-être peux-tu me conseiller autre chose.
De plus, qu'est-ce que tu peux me dire sur Linux, Ubuntu, etc.? J'en entends souvent parlé mais je crois que Linux n'est pas si simple d'utilisation.
Voilà, je crois n'avoir rien oublié, mais au pire je te recontacte.
En espérant que tu puisse à mes (quelques) questions, veuillez agréer, Monsieur, l'expression de mes sentiments les plus sentimentaux...

Regis59 · Answer

Salut :)

Content de te lire !

Quelques réponses:
- Je te conseilles de rester sous XP, Vista c'est pas top.
- Linux c'est "comme un windows" mais en plus sécurisé et moins de soucis. C'est plus compliqué mais c'est comme tout, il faut s y faire.

Pour le reste de tes questions, je t invite a t inscrire ici:
http://lyonnais92.aceboard.fr/
Et a y poser tes questions niveau matérile, les helpers la dessu y sont tres compétent et te repondrons mieux que moi :)

a+

livetliz · Answer

Merci Quentin, je vais voir sur ce site et je te tiens au courant.
Ciao.

Regis59 · Answer

ok ca marche :)

de rien, on s y retrouvera également la bas.

a+

livetliz · Answer

Salut Quentin, quoi de neuf ?
Je sais que ça fait un p'tit bout de temps qu'on ne s'est pas parlé mais, là, j'ai besoin de tes lumières pour qu'elles éclairent ma lanterne...!
Bon, d'abord, mes nouvelles. J'ai vu que d'après le dernier post, on s'est parlé pour la dernière fois le 31 mars 2007 ! Et je te disais que je comptais acheter un nouvel ordi. Voilà, c'est fait ! Au bout de 7 mois... Faut dire aussi que depuis ce moment-là, ma voiture m'a lâché et j'en ai donc racheter une pas trop chère en attendant de pouvoir économiser pour en avoir une qui va pas me claquer dans les pattes au bout de 6 mois ! Donc voilà, j'ai balancé ma vieille R19 pour m'acheter une Mégane 2 quasi-neuve ! Héhéhé ! Ca fait plaisir !
Enfin bref, tout ça pour t'expliquer pourquoi je viens juste de m'acheter ce fameux ordi tant attendu.
Mais voilà, tout fonctionne parfaitement bien, sauf mon écran qui commence à m'afficher des espèces de carrés bleus (en damier) dès que je joue à un jeu ou que je veux visionner une vidéo !
C'est super gênant et je voulais savoir si tu pouvais (encore) me filer un coup de main (j'aimerais surtout éviter d'attendre jusqu'à mardi, j'ai fait monté l'ordi à ldlc et ils n'ouvrent pas le lundi !).
Voici tous les composants de mon pc qui pourraient t'être utiles (je pense) :
http://www.ldlc.com/fiche/PB00040536.html
http://www.ldlc.com/fiche/PB00051905.html
http://www.ldlc.com/fiche/PB00061934.html
https://www.ldlc.com/informatique/pieces-informatique/memoire-pc/c4703/ (j'en ai deux)
http://www.ldlc.com/fiche/PB00057623.html
http://www.ldlc.com/fiche/PB00034939.html
Voilà, par contre, je ne sais pas si j'ai mis les liens correctement, mais ils sont bons.
Si tu as besoin d'autres détails, n'hésite pas à me contacter.
Salut !

Regis59 · Answer

Salut Olivier

La classe en Mégane maintenant :P Dragues pas trop ;)

Ok, si tu fais une prise d ecran, est ce que les carrés apparaissent sur la prise d ecran?

A+

livetliz · Answer

Salut Quentin, content que tu sois toujours là ! J'ai eu peur pendant un moment...
Oui, j'ai essayé hier de faire une capture d'écran pour voir, et effectivement, le damier apparaît sur l'image.
Autre fait étrange, aujourd'hui ce phénomène de "damier bleu" (comme je l'ai baptisé) n'est plus là !
Je ne sais pas s'il va réapparaître, mais au cas où, j'aimerais quand même savoir ce qu'il s'est passé !

Regis59 · Answer

Salut

Je ne sais pas trop.
Tu peux me montrer a quoi ca ressemble?

A+

livetliz · Answer

Salut, le truc c'est que je n'ai pas sauvegardé cette capture d'écran...
J'en ai trouvé une sur internet qui ressemble a peu près à ce qui m'est arrivé. C'est sur ce site : https://forum.zebulon.fr/topic/109672-un-probleme-daffichage-d%C3%A9cran-hp-zd8000/
Tu descends sur la page jusqu'à une image (tu pourras pas la rater). Sauf que sur mon écran, le damier était plus visible, c'était vraiment des carrés bleus formant un damier, pas comme sur ce site, où ça ressemble plus à des lignes.
Voilà, si ça te dit quelque chose...
A+

Regis59 · Answer

Ouch, ca ressemble a la CG (carte graphique)

Si ca revient, revient nous voir ; ok??

a+

livetliz · Answer

Ok pas de problème.
A+ Quentin, content de t'avoir relu !

Regis59 · Answer

Bonjour,

Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
Procèdes comme ceci :
http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

A bientôt

jejeOM13 · Answer

Bonjour, 
voilà moi aussi j'ai exactement les mêmes problèmes de virus , si vous pouviez m'aider .......
voila le rapport :
SmitFraudFix v2.253

Rapport fait à 19:41:45,37, 21/11/2007
Executé à partir de C:\Documents and Settings\Administrateur\Mes documents\Mes t‚l‚chargements\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32	kfiyomv.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\STDSB.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\icon.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\mrofinu1188.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1	legal-at-spybot.info
127.0.0.1	www.legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\__c00F1ECA.dat"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte Fast Ethernet compatible VIA - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.0.250

HKLM\SYSTEM\CCS\Services\Tcpip\..\{3E210783-211A-4041-927C-F1D06C72CF7C}: DhcpNameServer=192.168.0.250
HKLM\SYSTEM\CS1\Services\Tcpip\..\{3E210783-211A-4041-927C-F1D06C72CF7C}: DhcpNameServer=192.168.0.250
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.250
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.250


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Regis59 · Answer

Bonjour,

Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
Procèdes comme ceci :
http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

A bientôt

Thomas · Answer

Bonjour voila j'ai le meme probleme que liv' j'ai lu le truc mais j'ai comprit que je dois passer des info a quelqun alors ... a vous de voir

Merci de votre aide

Regis59 · Answer

Crée ton propre poste

A+

livetliz · Answer

Salut Quentin,
Tout d'abord, je te souhaite une très bonne année avec une santé à toute épreuve, un porte-monnaie bien rempli et une vie amoureuse qui rendrait jaloux Dom Juan et Casanova réunis !
Mais si je te re-contacte, c'est parce que j'ai un problème...! Je crois bien avoir un virus et j'ai besoin de ton aide !
Je t'explique : aujourd'hui, j'ai passé ma journée au boulot, et ma copine (qui n'est pas trop au courant de "comment fonctionnent les virus") a discuté avec sa cousine sur MSN quand subitement, elle a reçu plusieurs messages dans sa fenêtre de discussion où il était écrit "C'est pas toi ça ?" suivi d'un lien.
Bien entendu, elle a cliqué sur ce lien qui l'a amenée sur une page. S'en est suivi un téléchargement avec une photo à la c** !
Depuis, chaque fois que je veux parler avec un ami sur MSN, ce même message ("c'est pas toi...") apparaît systématiquement (j'ai prévenu tous mes contacts qu'il y avait de gros risques pour que ce soit un virus et de ne pas cliquer sur ce lien) et je reçois régulièrement un message de mon antivirus (Norton) qui me dit qu'il empêche un virus de passer et l'efface à chaque fois (d'après Norton, le nom du virus serait "Downloader" et il se trouverait dans un fichier qui n'existe pas : Norton me donne le "lieu" exact dudit virus, mais celui-ci n'existe pas dans mon ordi !). Mais le truc est que ce message de Norton revient très régulièrement et que, tout aussi régulièrement, il se passe un truc bizarre : quand une fenêtre est ouverte et que je suis par exemple en train d'écrire quelque chose (d'envoyer un mail, ou de t'écrire ce message) la fenêtre se "déconnecte" et ce que j'écris n'apparaît pas ! Je ne sais pas si je me fais bien comprendre. C'est comme si une fenêtre invisible s'ouvrait par-dessus celle que j'utilise sur le moment. Tu comprends ? Je sais pas si je suis clair...!

"This is how it is", comme on dit (en Angleterre) ! Voilà ce qui m'arrive ! J'ai lancé mon antivirus et je t'envoie ce message en attendant qu'il termine sa recherche de virus. Si tu as une idée de ce que cela pourrait être, je te prie de bien vouloir éclairer ma vessie (que je prends pour une lanterne, lol) !
J'espère vraiment que tu pourras m'aider parce que ça commence vraiement à être chiant ces messages de Norton !!!!!
J'attends de tes nouvelles avec impatience.
@+

Regis59 · Answer

Salut

lol j arrive en retard.
Meilleurs voeux egalement, tu es toujours infecté ou pas? Et oui je sais ce que c est.

A+

LENUM91 · Answer

bonjour est c que qqun pourrai m aider svp j ai le meme probleme que les autres sauf que j ai un probleme en plus  qui fait que je ne peux plus scanner mon pc avec un antivirus ou un antispyware j ai demander a plusieur personnes de m aider mais personnes n a reussi alors est ce qu il y aurrai un profesionnel parmi vous j suis vraiment en galere depuis plusieurs jours je remerci d avance celui qui essayera de m aider reponder moi vite svp

LENUM91 · Answer

regis 59 si tu vois se message repond moi vite stp t a l air de t y connaitre un max a bientot

Regis59 · Answer

Salut

Crée ton propre poste LENUM91, quelqu'un te répondra.

A+

lenum91 · Answer

j ai cree mon poste mai personne me repond j attend

Regis59 · Answer

Soit tu n'es pas assez précis, soit ta demande n'est pas bien formulée, ou soit personne ne sait lol

livetliz · Answer

Salut Quentin,
Je ne pense pas être encore infecté, j'ai cherché sur Internet ce que j'avais pu avoir, et j'ai découvert que je n'étais pas seul dans ce cas-là. J'ai suivi diverses explications (j'ai d'ailleurs changé d'antivirus : de Norton à Antivir), j'ai aussi scanné mon ordi avec MSNFix qui m'a dit que j'étais infecté mais qui a aussi résolu le problème.
Je pense toutefois qu'il reste quelque chose car j'ai régulièrement des messages d'Antivir concernant "TR/Crypt.ULPM.Gen", je le met en quarantaine à chaque fois mais il revient toujours !
Sais-tu ce que c'est ?
J'ai une autre question, j'utilise Azureus, je ne sais pas si tu sais ce que c'est, c'est un logiciel de P2P (oui, je sais, honte à moi ! mais, chuuut). Je ne l'utilise que depuis hier mais depuis ce matin, chaque fois que je le lance, ma connexion Internet se coupe toute seule au bout de quelques minutes et je suis obligé de redémarrer ma FreeBox pour me reconnecter. Mais ce problème recommence encore et encore. J'ai désactivé mon Pare-Feu donc le problème ne doit pas venir de là. Pourrais-tu m'aider ?
J'attend ta réponse impatiemment...
Ciao Quentin.

plouf plouf · Answer

Bonjour ,
Pour avancer Quentin , de plus, comme tu sembles , impatient ..(cf Par livetliz :J'attend ta réponse impatiemment... )
,

Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
Procèdes comme ceci :
http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

Merci a bientôt !
Au passage : coucou Quentin :p ;)

Regis59 · Answer

Salut Olivier, Salut Cathy :)

Olivier est un client particulier :p
Comme il etait a l origine de ce poste, ca ne me derange pas de continuer ici :)

Olivier, tu as un rapport HijackThis a me montrer?

Pour azereus oui je connais, ca marche via des torrents...

A+

livetliz · Answer

Voilà le rapport HiJackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:02:14, on 03/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\USISrv.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\eChanblard\emule.exe
C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Quick-Drop 1.0\Quick-Drop.exe
C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead DVD MovieFactory 4.0\AgentVideo.exe
C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Burn.Now 2.0\AgentDataAudio.exe
C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Quick-Drop 1.0\AgentCopy.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\BLONDE~1\LOCALS~1\Temp\Rar$EX00.641\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.ldlc.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.ldlc.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ldlc-drivers/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par LDLC.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Fichiers communs\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [L08FXLRD_44063687] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans	scuinst.vbs" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans	scuinst.vbs" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans	scuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans	scuinst.vbs" (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbaresources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.2.1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{31F5B7E5-D336-4DC7-9E14-8FF7CB9F9B25}: NameServer = 217.27.32.5,213.228.0.168
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus
avapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

Regis59 · Answer

Re,

Tu as encore des traces de Norton/Symantec, il faut les supprimer!
Pour azereus, non comme ca je ne sais pas, faudrait chercher sur la toile.

Antivir te le détecte sur quel fichier?

A+

plouf plouf · Answer

Salut Quentin , et livtlz
Olivier est un client particulier :
Je m'en doutais bien aprés lecture , mais je ne savais pas , que tu pratiques ça , sur le forum :o))
Enfin bonne désinf à vous2.
;)





En tout cas , je pensais, bien faire !
-

maroa · Answer

bonjour, j'avais le meme virus que toi sur mon disque dur mais quand j'ai installé AVAST! antivirus sur mon disque dur ...il disparu pour debon ainssi j'ai installé le SUPERAntiSpyware (il faut le chercher sur googl). bon courage.

livetliz · Answer

Salut, J'ai enlever tout ce qui restait de Norton et j'ai relancé Antivir. Voici le rapport d'Antivir : AntiVir PersonalEdition Classic Report file date: dimanche 3 février 2008 11:25 Scanning for 1089295 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: SYSTEM Computer name: LIVETLIZ Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 17:21:25 ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 25/01/2008 17:24:06 ANTIVIR3.VDF : 7.0.2.82 259072 Bytes 01/02/2008 17:19:53 AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 01/02/2008 17:19:53 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 18/01/2008 17:21:27 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: L:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: dimanche 3 février 2008 11:25 Starting search for hidden objects. '45060' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avnotify.exe' - '1' Module(s) have been scanned Scan process 'wscntfy.exe' - '1' Module(s) have been scanned Scan process 'firefox.exe' - '1' Module(s) have been scanned Scan process 'Azureus.exe' - '1' Module(s) have been scanned Scan process 'emule.exe' - '1' Module(s) have been scanned Scan process 'dwwin.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'hposts08.exe' - '1' Module(s) have been scanned Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned Scan process 'hpoevm08.exe' - '1' Module(s) have been scanned Scan process 'WkCalRem.exe' - '1' Module(s) have been scanned Scan process 'WZQKPICK.EXE' - '1' Module(s) have been scanned Scan process 'SetPoint.exe' - '1' Module(s) have been scanned Scan process 'PMSHost.exe' - '1' Module(s) have been scanned Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned Scan process 'hpotdd01.exe' - '1' Module(s) have been scanned Scan process 'hpohmr08.exe' - '1' Module(s) have been scanned Scan process 'uphclean.exe' - '1' Module(s) have been scanned Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned Scan process 'BlueSoleil.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'StarWindService.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'sqlservr.exe' - '1' Module(s) have been scanned Scan process 'LWEMon.exe' - '1' Module(s) have been scanned Scan process 'BTNtService.exe' - '1' Module(s) have been scanned Scan process 'EDICT.EXE' - '1' Module(s) have been scanned Scan process 'daemon.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'SearchSettings.exe' - '1' Module(s) have been scanned Scan process 'Res.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'LVComS.exe' - '1' Module(s) have been scanned Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned Scan process 'qttask.exe' - '1' Module(s) have been scanned Scan process 'USISrv.exe' - '1' Module(s) have been scanned Scan process 'Monitor.exe' - '1' Module(s) have been scanned Scan process 'LogiTray.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'WFWIZ.exe' - '1' Module(s) have been scanned Scan process 'DTVSchdl.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 58 processes with 58 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'K:\' [NOTE] No virus was found! Boot sector 'L:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '68' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP221\A0029091.exe [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen [INFO] The file was moved to '47d59f80.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029547.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f85.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029548.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0ee.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029549.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f86.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029550.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0ef.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029551.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f98.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029552.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f87.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029553.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0e0.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029554.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f89.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029555.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f88.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029556.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0e1.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029557.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f8a.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029558.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0e2.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029559.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f8b.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029560.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0e4.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029561.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0e3.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029562.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f8c.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029563.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0e5.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029564.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f8d.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029565.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0e6.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029566.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f8f.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029567.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f8e.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029568.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0e7.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029569.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0e9.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029570.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f8.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029571.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f91.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029572.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0fa.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029573.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f82.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029574.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0eb.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029575.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f84.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029576.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f93.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029577.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0fc.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029578.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f95.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029579.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f90.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029580.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f9.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029581.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f92.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029582.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0fe.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029583.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f97.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029584.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f0.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029585.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f99.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029586.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0fb.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029587.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f94.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029588.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0fd.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029589.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f2.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029590.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f9b.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029591.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f4.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029592.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f96.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029593.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0ff.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029594.exe [DETECTION] Contains detection pattern of the dropper DR/Zlob.Gen [INFO] The file was moved to '47d59e68.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029595.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f9d.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029596.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f6.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029597.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f9f.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029598.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f101.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029599.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59e6a.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029600.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f103.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029601.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c8.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029602.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa1.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029603.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f1.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029604.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f9a.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029605.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f3.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029606.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f9c.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029607.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0ca.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029608.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa3.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029609.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0cc.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029610.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f5.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029611.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59f9e.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029612.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0f7.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029613.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa5.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029614.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0ce.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029615.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa7.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029616.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59e6c.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029617.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f105.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029618.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59e6e.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029619.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c0.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029621.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa9.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029622.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c2.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029623.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f107.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029624.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59e60.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029625.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f109.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029626.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fab.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029627.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c4.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029628.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fad.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029629.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa0.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029630.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c9.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029631.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa2.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029632.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c6.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029633.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59faf.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029634.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0d8.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029635.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0cb.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029636.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa4.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029637.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0cd.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029638.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb1.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029639.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0da.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029640.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb3.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029641.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa6.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029642.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0cf.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029643.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb8.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029644.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0dc.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029645.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb5.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029646.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0de.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029647.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0d1.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029648.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fba.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029649.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0d3.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029650.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb7.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029651.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0d0.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029652.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb9.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029653.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fa8.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029654.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c1.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029655.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59faa.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029656.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0d2.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029657.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fbb.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029658.exe [DETECTION] Contains detection pattern of a probably damaged sample CC/00233 [INFO] The file was moved to '4675f0d4.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029659.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c3.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029660.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fac.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029661.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c5.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029662.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fbd.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029663.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0d6.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029664.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fbf.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029665.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0a8.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029666.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fae.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029667.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0c7.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029668.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fbc.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029669.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fc1.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029670.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0aa.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029671.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0d5.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029672.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fbe.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029673.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0d7.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029674.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fc3.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029675.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0ac.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029676.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fc5.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029677.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb0.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029678.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0d9.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029679.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb2.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029680.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0ae.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029681.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fc7.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029682.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0a0.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029683.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0db.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029684.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb4.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029685.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0dd.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029686.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fc9.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029687.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0a2.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029688.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fcb.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029689.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fb6.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029690.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0df.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029691.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0ed.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029692.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59e62.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029693.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0a4.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029694.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fcd.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029695.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f10b.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029696.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59e64.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029697.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f10d.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029698.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675f0a6.qua'! C:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029699.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d59fcf.qua'! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! Begin scan in 'K:\'

Begin scan in 'L:\'

L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP198\A0025613.exe [DETECTION] Is the Trojan horse TR/Dldr.Zlob.bon.21 [INFO] The file was moved to '47d5b2de.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP206\A0028496.exe [DETECTION] Contains detection pattern of a probably damaged sample CC/00233 [INFO] The file was moved to '4675ddb7.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029098.com [DETECTION] Is the Trojan horse TR/Agent.dwd.4 [INFO] The file was moved to '47d5b2e8.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029099.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd81.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029100.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2e9.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029101.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd82.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029102.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2eb.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029103.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd84.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029104.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2ea.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029105.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd83.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029106.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2ec.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029107.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd85.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029108.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2ed.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029109.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd86.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029110.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2ef.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029111.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2ee.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029112.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd87.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029113.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2e0.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029114.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd89.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029115.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd98.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029116.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f1.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029117.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd9a.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029118.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2e2.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029119.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd8b.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029120.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2e4.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029121.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd8d.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029122.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f3.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029123.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd9c.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029124.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f5.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029125.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd9e.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029126.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f0.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029127.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd99.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029128.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f2.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029129.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f7.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029130.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd90.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029131.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f9.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029132.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd92.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029133.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd9b.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029134.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f4.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029135.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd9d.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029136.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f6.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029137.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2fb.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029138.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd94.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029139.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2fd.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029140.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd96.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029141.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd9f.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029142.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2c8.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029143.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dda1.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029144.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2ff.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029145.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc68.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029146.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b301.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029147.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc6a.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029148.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2ca.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029149.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dda3.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029150.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2cc.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029151.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dda5.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029152.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b303.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029153.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc6c.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029154.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b305.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029155.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc6e.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029156.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2f8.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029157.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd91.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029158.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2fa.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029159.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b307.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029160.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc60.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029161.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b309.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029162.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc62.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029163.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd93.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029164.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2fc.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029165.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd95.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029166.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2fe.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029167.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b30b.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029168.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc64.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029169.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b30d.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029170.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dd97.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029171.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2ce.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029172.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dda7.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029173.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2c0.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029174.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc66.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029175.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b30f.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029176.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc78.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029177.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b311.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029178.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dda9.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029179.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2c2.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029180.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675ddab.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029181.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b2c4.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029182.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc7a.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029183.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b313.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029184.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc7c.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029185.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b300.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029186.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc69.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029187.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b302.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029188.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc6b.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029189.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b315.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029190.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc7e.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029191.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b317.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029192.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc70.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029193.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b304.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029194.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc6d.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029195.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b306.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029196.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b319.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029197.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc72.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029198.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b31b.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029199.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc74.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029200.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '4675dc6f.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029201.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] The file was moved to '47d5b318.qua'! L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029202.exe [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen [INFO] Th

livetliz · Answer

Le message n'est pas entièrement passé... Voilà le reste :


      [INFO]      The file was moved to '4675dc71.qua'!
L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029203.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
      [INFO]      The file was moved to '47d5b31a.qua'!
L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029204.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
      [INFO]      The file was moved to '47d5b31d.qua'!
L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029205.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
      [INFO]      The file was moved to '4675dc76.qua'!
L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP222\A0029206.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
      [INFO]      The file was moved to '47d5b31f.qua'!
L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029493.exe
      [DETECTION] Contains detection pattern of the dropper DR/WhenU.A.47
      [INFO]      The file was moved to '47d5b30a.qua'!
L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029494.exe
      [DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F
      [INFO]      The file was moved to '4675dc63.qua'!
L:\System Volume Information\_restore{09A3C614-66F8-4445-8937-2A594F0A3506}\RP223\A0029495.exe
      [DETECTION] Contains detection pattern of the dropper DR/BHO.W.9
      [INFO]      The file was moved to '4675dc48.qua'!


End of the scan: dimanche 3 février 2008  13:26
Used time:  2:01:01 min

The scan has been done completely.

  16883 Scanning directories
 641592 Files were scanned
    267 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
    267 files were moved to quarantine
      0 files were renamed
      2 Files cannot be scanned
 641325 Files not concerned
   3873 Archives were scanned
      2 Warnings
    186 Notes
  45060 Objects were scanned with rootkit scan
      0 Hidden objects were found


Voici le rapport HiJackThis :

Logfile of HijackThis v1.99.1
Scan saved at 13:35:28, on 03/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\USISrv.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\LVComS.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\eChanblard\emule.exe
C:\Program Files\Azureus\Azureus.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
C:\Program Files\Mozilla Firefox\firefox.exe
L:\Program Files\VirtualDub\VirtualDub.exe
L:\Programmes\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.ldlc.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.ldlc.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ldlc-drivers/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par LDLC.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Suite\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Fichiers communs\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [L08FXLRD_44063687] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbaresources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.2.1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{31F5B7E5-D336-4DC7-9E14-8FF7CB9F9B25}: NameServer = 217.27.32.5,213.228.0.168
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

Je pense que tu pourras trouver où se trouve le virus qu'Antivir détecte (je ne sais pas où chercher cette info ;p).
Merci de prendre du temps pour mon problème Quentin.
Bonne journée !

Regis59 · Answer

Bonsoir.

Cathy oui je sais t'inquietes pas :) Bha c'est rare que je fasse cela :)

Olivier, oui, rassures toi, l'infection est inactive.

¤Désactive ta restauration système (uniquement si tu es sous XP): 
Clic droit sur poste de travail puis, 
propriété, tu cliques sur onglet restauration système 
tu coches la case « désactiver la restauration » et applique.

Puis,

¤Réactive ta restauration système (uniquement si tu es sous XP): 
Clic droit sur poste de travail puis, 
propriété, tu cliques sur onglet restauration système 
tu décoches la case « désactiver la restauration » et applique.

A+

livetliz · Answer

OK, c'est fait.
Est-ce que je dois redémarrer l'ordi entre ces deux manip' ? Et à quoi ça sert de faire ça...?
Merci.

Regis59 · Answer

Non ne redemarre pas.

En fait, c est un point de ta restauration systeme qui est infecté mais l infection est inactive. Tu la réactiverais si tu utiliserais ta restauration systeme. Ca sert justement a supprimer les anciens points infectes et d en créer un nouveau tout propre :)

livetliz · Answer

Ok, merci beaucoup encore une fois...
Et à bientôt pour de nouvelles mésaventures informatiques !!!

Regis59 · Answer

C'est Nickel??

Bha écoute, au plaisir Olivier :)

plouf plouf · Answer

Coucou à tous ,
A l'avenir , je ne m'inquièterais plus Quentin ( enfin j'essaierais :p)
Ensuite peux-tu , stp regarder , tes mps , merci ;) !
Pour Olivier , contente que son souci soit résolu
A Bientôt

Regis59 · Answer

Comme je sais que tu vas bientot deconnecter, je vais les voir de suite :)

plouf plouf · Answer

merci petit rayon ;)

Regis59 · Answer

OKI

nazznaz · Answer

Bonjour
 je pense bien avoir un virus sur mon ordinateur. 
Il affiche une bulle dans ma barre de taches où il est écrit 
system alert : trojan-spy.win32@mx 
Type: spywaretrojan 
j'ai vu sur certains sujets que mon probleme n'est pas unique ;
je fait Télécharge  ce programme:  http://siri.urz.free.fr/Fix/SmitfraudFix.exe 
 il a générer un rapport : qui est là voici
 
 SmitFraudFix v2.289

Rapport fait à 17:20:58,20, 15/02/2008
Executé à partir de C:\Documents and Settings\mohamed nizar\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Video Add-on\icthis.exe
C:\Program Files\Video Add-on\isfmntr.exe
C:\Nettoyer mon PC\emt.exe
C:\Program Files\Eset
od32kui.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Video Add-on\icmntr.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Video Add-on\isfmm.exe
C:\Program Files\Defenza\pcd-as.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset
od32krn.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mohamed nizar


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mohamed nizar\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\MOHAME~1\Favoris

C:\DOCUME~1\MOHAME~1\Favoris\Online Security Test.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 

C:\Program Files\Video Add-on\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 193.48.28.200

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6843C8C8-9037-4A1A-BFE8-B283A5E7CFC2}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6CE26DE9-96E9-4EF8-92F3-A95FBFF75AC2}: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CCS\Services\Tcpip\..\{AA323184-EFB6-4FEA-AB29-09B63832B3E3}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6843C8C8-9037-4A1A-BFE8-B283A5E7CFC2}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6CE26DE9-96E9-4EF8-92F3-A95FBFF75AC2}: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\..\{AA323184-EFB6-4FEA-AB29-09B63832B3E3}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6843C8C8-9037-4A1A-BFE8-B283A5E7CFC2}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6CE26DE9-96E9-4EF8-92F3-A95FBFF75AC2}: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\..\{AA323184-EFB6-4FEA-AB29-09B63832B3E3}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.116.83 85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.116.83 85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.116.83 85.255.112.236


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

et donc aprés j c pas koi faire donc svp si vous pouver m'aider à résoudre cette probléme et merci d'avance

nazznaz · Answer

Bonjour
 je pense bien avoir un virus sur mon ordinateur. 
Il affiche une bulle dans ma barre de taches où il est écrit 
system alert : trojan-spy.win32@mx 
Type: spywaretrojan 
j'ai vu sur certains sujets que mon probleme n'est pas unique ;
je fait Télécharge  ce programme:  http://siri.urz.free.fr/Fix/SmitfraudFix.exe 
 il a générer un rapport : qui est là voici
 
 SmitFraudFix v2.289

Rapport fait à 17:20:58,20, 15/02/2008
Executé à partir de C:\Documents and Settings\mohamed nizar\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Video Add-on\icthis.exe
C:\Program Files\Video Add-on\isfmntr.exe
C:\Nettoyer mon PC\emt.exe
C:\Program Files\Eset
od32kui.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Video Add-on\icmntr.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Video Add-on\isfmm.exe
C:\Program Files\Defenza\pcd-as.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset
od32krn.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mohamed nizar


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mohamed nizar\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\MOHAME~1\Favoris

C:\DOCUME~1\MOHAME~1\Favoris\Online Security Test.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 

C:\Program Files\Video Add-on\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 193.48.28.200

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6843C8C8-9037-4A1A-BFE8-B283A5E7CFC2}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6CE26DE9-96E9-4EF8-92F3-A95FBFF75AC2}: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CCS\Services\Tcpip\..\{AA323184-EFB6-4FEA-AB29-09B63832B3E3}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6843C8C8-9037-4A1A-BFE8-B283A5E7CFC2}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6CE26DE9-96E9-4EF8-92F3-A95FBFF75AC2}: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\..\{AA323184-EFB6-4FEA-AB29-09B63832B3E3}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6843C8C8-9037-4A1A-BFE8-B283A5E7CFC2}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6CE26DE9-96E9-4EF8-92F3-A95FBFF75AC2}: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: DhcpNameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A42701A8-33EF-48A0-93FE-1D9714F77CBC}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\..\{AA323184-EFB6-4FEA-AB29-09B63832B3E3}: NameServer=85.255.116.83,85.255.112.236
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.116.83 85.255.112.236
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.116.83 85.255.112.236
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=193.48.28.200
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.116.83 85.255.112.236


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

et donc aprés j c pas koi faire donc svp si vous pouver m'aider à résoudre cette probléme et merci d'avance

Regis59 · Answer

Bonjour,

Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
Procèdes comme ceci :
http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

A bientôt

portecarte · Answer

salut a tous, j'ai besoin d'une coup de main: 

voici le pb :message indiquant System alert: trojan-spy.win32@mx

et pop up 

ayant vu que d'autres ont eu ce pb je vous transmets le resume du logfile



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:28, on 22/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus
avapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\NetProject\sbmntr.exe
C:\Program Files\NetProject\scit.exe
C:\WINDOWS\system32
vraidservice.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\NetProject\scm.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\NetProject\sbsm.exe
G:\Monitor.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - C:\Program Files\NetProject\sbmdl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web Application - {81705D67-3F73-4983-859B-97D0922E5ABE} - C:\Program Files\NetProject\wamdl.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32
vraidservice.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Ulead Memory Card Detector] G:\Monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~2\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [ccleaner] "D:\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera1.mairie-brest.fr/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15033/CTPID.cab
O22 - SharedTaskScheduler: djuka - {ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus
avapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcappcapd.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

plouf plouf · Answer

Bonjour ,
Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
Procèdes comme ceci :
http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

Regis59 · Answer

Merci Cathy !

plouf plouf · Answer

Coucou ,
Mais de rien , quand je peux rendre service , c'est avec plaisir, que c'est fait !

livetliz · Answer

Salut Quentin, j'ai besoin de tes lumières !
J'aimerais acheter un nouveau logiciel de montage (soit Adobe Premiere Elements soit Premiere Pro - je pencherais pour Premiere Elements parce qu'il existe un livre "Pour Les Nuls" de ce logiciel !).
Bref, j'ai trouvé la configuration requise pour utiliser ce logiciel-ci et ils disent que pour les formats HD, il faudrait un processeur à 3 GHz. Or, je n'ai que 2.33 GHz. Donc j'aimerais savoir si c'était possible d'augmenter cette fréquence et comment. 
Je suis à votre entière disposition pour de plus amples informations et vous prie d'agréer, monsieur, mes salutations distinguées.

PS : lol

livetliz · Answer

Re
D'après le vendeur du logiciel, pour utiliser correctement Adobe Premiere Elements, j'ai besoin d'avoir un Pentium 4 et la technologie SSE2...
Bon, pour rappel, je suis pas une lumière en info !
Dis-moi stp ce dont tu as besoin pour savoir ce que j'ai dans ma machine et si j'ai ce qu'il faut pour utiliser ce logiciel convenablement.
Encore une fois, je te remercie de prendre le temps de m'aider, mais en même temps, c'est de ta faute, t'as qu'à pas être d'aussi bon conseil !
lol

Regis59 · Answer

Salut ^^ lol

Quel genre de montage tu veux réaliser? Photos ou vidéos?
Augmenter le proc?La galère ! lol
3Ghz, c est énorme !
Combien as tu de RAM?
Sinon, les adobes permettent de bonnes retouches photos. Tu as aussi des gratuits qui peuvent suffir,ca evite d acheter , tout depend ce que tu veux faire !?

a+

Regis59 · Answer

Oui montage photo avec photoshop.
Tu as essayé MovieMaker?

3Ghz c'est enorme oui, la plupart des PC portable deja ne depasse pas 2. Les fixes depassent legerement.

Avec 2Go ca devrait tenir.
Essaie MovieMaker voire si cela te suffierait, ca t eviterais d acheter un logiciel ^^

Sinon, tout est question de puissance! Plus tu as de GHZ, plus tu peux utiliser des logiciels gourmant en memoire etc etc

A+

Regis59 · Answer

Ah oui je me souviens parfaitement !

Demande un PC a la mairie en plus :-P

Pentium 4 c'est en fait le microprossesseur. L'autre je ne sais pas.
Rassures toi,pour moi, ta config tient la route.

Tu as videoStudio qui est pas mal, outre adobe.
Un petit apercu?
https://www.videostudiopro.com/fr/

ou sinon https://www.magix.com/fr/

Perso j'opterais pour ulead...Mais a toi de voir, soit sur les sites, soit sur les forums ou soit sur les boites si ca correspond a tes attentes !

Si tu as besoin, ou si j ai pas bien répondu, n'hésites pas!

A+

Regis59 · Answer

Ok d accord ! C'est vrai que ces tutos sont vraiment bien fait !

En tout cas, des que tu l as testé, dis le moi :)
Et si tu l heberges sur le net, file le lien ;)

A+

Regis59 · Answer

ok

++

NAK · Answer

Bonjour

Je me retrouve moi aussi confronté a ce virus

Quelqu'un pourrait il me dire ce que je dois faire ??? Merci d'avance...
PS :j'ai passé des heures à me battre avec avast, adaware, clean up, c-cleaner, smitfraud et HJT et la j'espere que l'ordi ne va pas encore se rééteindre

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\services.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6860A44B-5D3E-433D-A7B5-D517F810D0E7} - C:\Program Files\NetProject\sbmdl.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: e404 helper - {DF47DD37-AC11-4A93-8E16-2B2364AF0897} - (no file)
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.18\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: figpecker - {7d7bd0c4-4913-4933-b870-7388a7bffb82} - C:\WINDOWS\system32\lvhjtsa.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security	mproxy.exe

ptipot · Answer

Bonjour 
suite à la tentative de téléchargement d'un codec, je suis infecté par trojan-spy.win32@mx et impossible d'enlever le message d'alerte dans la barre de tache.
Avast a fait le ménage mais sans succès sur le message d'alerte.

Que dois-je faire ?

Merci

ptipot

Regis59 · Answer

Bonjour,
Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
Procèdes comme ceci :
http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

A bientôt

Hugo · Answer

Bonjour j'ai le meme problèmes j'ai fait la démarche et j'arrive aux soucis qu'est qu'il faut coché s'ilteplait



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:34, on 26/04/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\SpeedRam2\Speedram.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Windows\System32undll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32undll32.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Users\HµgôBo$$\AppData\Local\wgpeokvbg.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\TeamSpeak3\TeamSpeak.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Users\HµgôBo$$\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SpeedRam2] C:\PROGRA~1\SPEEDR~1\speedram.exe
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [wgpeokvbg] c:\users\hµgôbo$$\appdata\local\wgpeokvbg.exe wgpeokvbg
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin
pjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin
pjpi150_01.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

Hugo · Answer

Bonjour j'ai le meme problème qu'est que je dois choché s'ilteplait

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:34, on 26/04/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\SpeedRam2\Speedram.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Windows\System32undll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32undll32.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Users\HµgôBo$$\AppData\Local\wgpeokvbg.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\TeamSpeak3\TeamSpeak.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Users\HµgôBo$$\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SpeedRam2] C:\PROGRA~1\SPEEDR~1\speedram.exe
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [wgpeokvbg] c:\users\hµgôbo$$\appdata\local\wgpeokvbg.exe wgpeokvbg
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin
pjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin
pjpi150_01.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

Hugo · Answer

Bonjour j'ai le meme problème qu'est que je dois choché s'ilteplait

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:34, on 26/04/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\SpeedRam2\Speedram.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Windows\System32undll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32undll32.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Users\HµgôBo$$\AppData\Local\wgpeokvbg.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\TeamSpeak3\TeamSpeak.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Users\HµgôBo$$\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SpeedRam2] C:\PROGRA~1\SPEEDR~1\speedram.exe
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [wgpeokvbg] c:\users\hµgôbo$$\appdata\local\wgpeokvbg.exe wgpeokvbg
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin
pjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin
pjpi150_01.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

plouf plouf · Answer

Bonjour,
Pour rendre service .
Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

A +;)

[Virus] Infecté par spy trojan-spy.win32@mx

87 réponses

Discussions similaires