Trojan horse downloader.generic2.MUZ

Solved/Closed
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last active 21 September 2010 - 5 Dec. 2006 at 21:56
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last active 27 December 2019 - 6 Dec. 2006 at 23:03
Hello,
I would like to know if someone could help me remove a trojan horse downloader.generic2.MUZ.
I ran a scan with AVG Anti-Spyware and one with HijackThis.
Thanks in advance

16 replies

green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last active 27 December 2019 2 162
5 Dec. 2006 at 22:01
Hi

# Download this: (thanks to S!RI for this little program).

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Run it: double-click Smitfraudfix.cmd and choose option 1.
This is what it looks like: http://siri.urz.free.fr/Fix/SmitfraudFix.php
It will generate a report: copy/paste it into the thread please.

0
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last active 21 September 2010
5 Dec. 2006 at 22:12
Hi
Here is the report
SmitFraudFix v2.128

Rapport fait à 22:11:00,08, 05/12/2006
Executé à partir de C:\Documents and Settings\G‚rald\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\G‚rald


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\G‚rald\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\GRALD~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~3\\GOEC62~1.DLL"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last active 27 December 2019 2 162
5 Dec. 2006 at 22:16
re

ok,

Online scan: paste the whole report (if there is anything):

http://www.bitdefender.fr/bd/site/search.php#


Then post a new HijackThis log please

See you
0
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last active 21 September 2010
5 Dec. 2006 at 22:29
re,
Is it normal that BitDefender online predicts a scan of almost 4 hours?
See you
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last active 27 December 2019 2 162
5 Dec. 2006 at 22:31
Yep! It's not impossible :)

But well, sometimes the estimate is a bit off! Sometimes ... :)

See you
0

marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last active 21 September 2010
5 Dec. 2006 at 23:09
re,
Can you tell me whether it's normal that after a while the scan stops even though it isn't finished?
I can't get to the end of it
Thanks
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last active 27 December 2019 2 162
5 Dec. 2006 at 23:15
re

Sometimes it takes "breaks" and it looks like it's no longer making progress, but that's normal; that said, they shouldn't last for hours either ...

See you
0
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last active 21 September 2010
5 Dec. 2006 at 23:22
ok thanks
I hope it's not going to take all night
I need to get some sleep
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last active 27 December 2019 2 162
5 Dec. 2006 at 23:35
I hope it's not going to take all night

Looks like it's heading that way :)

I'm signing off for tonight

See you
0
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last active 21 September 2010
5 Dec. 2006 at 23:44
ok
I'll send you the reports tomorrow
ciao
0
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last active 21 September 2010
6 Dec. 2006 at 00:33
re,
Before going to bed,
here is the BitDefender report
BitDefender Online Scanner

Rapport d'analyse généré à: Wed, Dec 06, 2006 - 00:28:25

Voie d'analyse: A:\;C:\;D:\;

Statistiques
Temps: 01:34:17
Fichiers: 534548
Directoires: 4869
Secteurs de boot: 2
Archives: 3268
Paquets programmes: 69133

Résultats
Virus identifiés: 10
Fichiers infectés: 17
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 17

Info sur les moteurs
Définition virus: 324937
Version des moteurs: AVCORE v1.0 (build 2368) (i386) (Nov 16 2006 11:31:19)
Analyse des plugins: 14
Archive des plugins: 38
Unpack des plugins: 6
E-mail plugins: 6
Système plugins: 1

Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: *;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui

Fichier analysé
Statut

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
Infecté par: Trojan.Downloader.MSIL.A

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
Infecté par: Trojan.Downloader.MSIL.B

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
Infecté par: Trojan.Downloader.MSIL.B

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
Infecté par: Trojan.Downloader.MSIL.B

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
Infecté par: Trojan.Zapchast.DB

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
Infecté par: Trojan.Downloader.MSIL.B

C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
Echec de la désinfection

C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
Supprimé

C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
Infecté par: Trojan.Downloader.MSIL.B

C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
Echec de la désinfection

C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
Infecté par: Trojan.Dropper.VB

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
Détecté avec: Adware.Popupwithcast.A

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)
Echec de la mise à jour

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
Détecté avec: Adware.Popupwithcast.A

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
Infecté par: Trojan.Cmapp.A

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
Infecté par: Trojan.Cmapp.A

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
Infecté par: Trojan.Clicker.VB.FU

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
Infecté par: Trojan.Clicker.AS

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
Supprimé

C:\WINDOWS\aff_0006.exe
Infecté par: Trojan.Clicker.AS

C:\WINDOWS\aff_0006.exe
Echec de la désinfection

C:\WINDOWS\aff_0006.exe
Supprimé

C:\WINDOWS\newpop06.exe
Infecté par: Trojan.Popuper.BP

C:\WINDOWS\newpop06.exe
Echec de la désinfection

C:\WINDOWS\newpop06.exe
Supprimé

C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
Infecté par: Trojan.Downloader.BKK

C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
Echec de la désinfection

C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
Supprimé

C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)
Echec de la mise à jour


as well as the HijackThis one

Logfile of HijackThis v1.99.1
Scan saved at 00:32:25, on 06/12/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Conversions Plus\FORMATM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\SmartAP_K2\iRunMon.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\s?mbols\w?nspool.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Conversions Plus\MacName.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Documents and Settings\Gérald\Bureau\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [MacLicense] "C:\Program Files\Conversions Plus\MacLic.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iRunMon.exe] C:\Program Files\SmartAP_K2\iRunMon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
O4 - HKCU\..\Run: [Bhlxn] C:\WINDOWS\system32\s?mbols\w?nspool.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MacName.lnk = C:\Program Files\Conversions Plus\MacName.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ae2247af126648979ba54ac76d1b9407
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ae2247af126648979ba54ac76d1b9407
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O15 - Trusted Zone: *.dollarrevenue.com
O15 - Trusted Zone: *.mmohsix.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - mk:@MSITStore:C:\DOCUME~1\GRALD~1\LOCALS~1\Temp\winfix.chm::/SystemDoctor2006FreeInstall.cab
O18 - Protocol: bw+0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MacFormatService - Unknown owner - C:\Program Files\Conversions Plus\FORMATM.EXE" /SERVICE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
0
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last activity 21 September 2010
6 Dec 2006 at 14:50
Hi green day,
I don't know if you saw the reports I sent you yesterday.
Is it conclusive?
See you later
0
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last activity 21 September 2010
6 Dec 2006 at 20:17
Hi,
here are the reports from last night
BitDefender Online Scanner

Rapport d'analyse généré à: Wed, Dec 06, 2006 - 00:28:25
Voie d'analyse: A:\;C:\;D:\;

Statistiques
Temps: 01:34:17
Fichiers: 534548
Directoires: 4869
Secteurs de boot: 2
Archives: 3268
Paquets programmes: 69133

Résultats
Virus identifiés: 10
Fichiers infectés: 17
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 17

Info sur les moteurs
Définition virus: 324937
Version des moteurs: AVCORE v1.0 (build 2368) (i386) (Nov 16 2006 11:31:19)
Analyse des plugins: 14
Archive des plugins: 38
Unpack des plugins: 6
E-mail plugins: 6
Système plugins: 1

Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: *;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui

Fichier analysé
Statut

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
Infecté par: Trojan.Downloader.MSIL.A

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
Infecté par: Trojan.Downloader.MSIL.B

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
Infecté par: Trojan.Downloader.MSIL.B

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
Infecté par: Trojan.Downloader.MSIL.B

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
Infecté par: Trojan.Zapchast.DB

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
Echec de la désinfection

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
Supprimé

C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
Echec de la mise à jour

C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
Infecté par: Trojan.Downloader.MSIL.B

C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
Echec de la désinfection

C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
Supprimé

C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
Infecté par: Trojan.Downloader.MSIL.B

C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
Echec de la désinfection

C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
Infecté par: Trojan.Dropper.VB

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
Détecté avec: Adware.Popupwithcast.A

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)
Echec de la mise à jour

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
Détecté avec: Adware.Popupwithcast.A

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
Infecté par: Trojan.Cmapp.A

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
Infecté par: Trojan.Cmapp.A

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
Infecté par: Trojan.Clicker.VB.FU

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
Supprimé

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
Infecté par: Trojan.Clicker.AS

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
Echec de la désinfection

C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
Supprimé

C:\WINDOWS\aff_0006.exe
Infecté par: Trojan.Clicker.AS

C:\WINDOWS\aff_0006.exe
Echec de la désinfection

C:\WINDOWS\aff_0006.exe
Supprimé

C:\WINDOWS\newpop06.exe
Infecté par: Trojan.Popuper.BP

C:\WINDOWS\newpop06.exe
Echec de la désinfection

C:\WINDOWS\newpop06.exe
Supprimé

C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
Infecté par: Trojan.Downloader.BKK

C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
Echec de la désinfection

C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
Supprimé

C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)
Echec de la mise à jour


and the second one:
Logfile of HijackThis v1.99.1
Scan saved at 00:32:25, on 06/12/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Conversions Plus\FORMATM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\SmartAP_K2\iRunMon.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\s?mbols\w?nspool.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Conversions Plus\MacName.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Documents and Settings\Gérald\Bureau\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [MacLicense] "C:\Program Files\Conversions Plus\MacLic.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iRunMon.exe] C:\Program Files\SmartAP_K2\iRunMon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
O4 - HKCU\..\Run: [Bhlxn] C:\WINDOWS\system32\s?mbols\w?nspool.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MacName.lnk = C:\Program Files\Conversions Plus\MacName.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ae2247af126648979ba54ac76d1b9407
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ae2247af126648979ba54ac76d1b9407
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O15 - Trusted Zone: *.dollarrevenue.com
O15 - Trusted Zone: *.mmohsix.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - mk:@MSITStore:C:\DOCUME~1\GRALD~1\LOCALS~1\Temp\winfix.chm::/SystemDoctor2006FreeInstall.cab
O18 - Protocol: bw+0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MacFormatService - Unknown owner - C:\Program Files\Conversions Plus\FORMATM.EXE" /SERVICE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

If you could tell me what to do next, because I can't take it anymore.
Thanks
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
6 Dec 2006 at 20:19
Hi

Yes, I saw it; I stopped by earlier but didn't have time to look at it in detail!

# Disable System Restore

* Click the Start button.
* Right-click My Computer, then click Properties.
* In the System Restore tab, select the option Turn off System Restore or Turn off System Restore on all drives

(you can turn it back on at the end of the procedure!)

# Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:

R3 - URLSearchHook: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
O4 - HKCU\..\Run: [Bhlxn] C:\WINDOWS\system32\s?mbols\w?nspool.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ae2247af126648979ba54ac76d1b9407
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ae2247af126648979ba54ac76d1b9407

O15 - Trusted Zone: *.dollarrevenue.com
O15 - Trusted Zone: *.mmohsix.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab


O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - mk:@MSITStore:C:\DOCUME~1\GRALD~1\LOCALS~1\Temp\winfix.chm::/SystemDoctor2006FreeInstall.cab


O18 - Protocol: bw+0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll


O18 - Protocol: offline-8876480 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe



==> Click on:

Start < Run < type "services.msc"

find this line in the list and set it to "Disabled"

France Telecom Routing Table Service

==> find and delete the files in bold:

C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
C:\WINDOWS\system32\s?mbols\w?nspool.exe
C:\WINDOWS\System32\cmnbwe.dll

# then download and run these programs:

*CleanUp40 (removes temporary files + cookies: free)
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

tutorial: (thanks to Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm


*Ccleaner: download and install this; in the left column click "errors" and tick all the boxes, then click "look for errors" at the bottom. Once it has finished, click "repair errors"; you will get a message offering to back up your registry, say "yes", then repeat until it finds no more errors.

*Run Ccleaner again, go to the "cleaner" tab on the left, untick the last box (Advanced, if it is ticked), then click "start cleaning"

ccleaner

tutorial: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php


then post a new HijackThis log and describe your problems if any remain!

++


One can also build something beautiful with the stones that block the path ( J.W.VON GOETHE )
0
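Part of the review in the reply above can be automated when reading a HijackThis log. The following Python script is an added example, not part of the original thread or of HijackThis; its four rules and its function names are assumptions chosen for illustration, and the sample lines are copied from the logs posted in this thread.

```python
import re

# Constructed sample: entry lines copied from the HijackThis logs in this thread,
# plus one "Running processes" line that is not an entry and must be skipped.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
O4 - HKCU\..\Run: [Bhlxn] C:\WINDOWS\system32\s?mbols\w?nspool.exe
O15 - Trusted Zone: *.dollarrevenue.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - mk:@MSITStore:C:\DOCUME~1\GRALD~1\LOCALS~1\Temp\winfix.chm::/SystemDoctor2006FreeInstall.cab
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
C:\WINDOWS\system32\s?mbols\w?nspool.exe
"""

# An entry line is "<section code> - <body>", e.g. "O4 - HKCU\..\Run: [...]".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$", re.MULTILINE)

# HijackThis marks entries whose target file no longer exists.
ORPHAN_RE = re.compile(r"\((?:file missing|no file)\)")

# '?' is not allowed in Windows file names, so a '?' inside a backslash-delimited
# path component most likely stands for a character the log could not represent.
# Stopping at '/' keeps URL query strings (res://...dll.mui/229?...) out of scope.
QMARK_PATH_RE = re.compile(r"\\[^\\/?]*\?")


def parse_entries(log):
    """Return (code, body) for every entry line; other lines are ignored."""
    return [(m.group(1), m.group(2).strip()) for m in ENTRY_RE.finditer(log)]


def reasons_for(code, body):
    """Return the list of review reasons (assumed rule names) for one entry."""
    reasons = []
    if ORPHAN_RE.search(body):
        reasons.append("orphaned-entry")
    if QMARK_PATH_RE.search(body):
        reasons.append("unrepresentable-char-in-path")
    if code == "O15":
        # Sites in the IE Trusted Zone run with relaxed security settings.
        reasons.append("trusted-zone-site")
    if code == "O16":
        # Last " - " field is where the ActiveX control was installed from.
        source = body.rsplit(" - ", 1)[-1]
        if not source.lower().startswith(("http://", "https://")):
            reasons.append("activex-from-non-web-source")
    return reasons


def triage(log):
    """Return (code, body, reasons) for entries that match at least one rule."""
    flagged = []
    for code, body in parse_entries(log):
        reasons = reasons_for(code, body)
        if reasons:
            flagged.append((code, body, reasons))
    return flagged


if __name__ == "__main__":
    for code, body, reasons in triage(SAMPLE_LOG):
        print(f"{code:<4} {', '.join(reasons)}\n     {body}")
```

These rules only narrow the review: the `mc-58-12-0000106.exe` Run entry that the reply also lists matches none of them and still has to be judged by hand.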
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last activity 21 September 2010
6 Dec 2006 at 21:39
re,
here is the latest HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 21:36:43, on 06/12/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Conversions Plus\FORMATM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\SmartAP_K2\iRunMon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\s?mbols\w?nspool.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Conversions Plus\MacName.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Documents and Settings\Gérald\Bureau\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [MacLicense] "C:\Program Files\Conversions Plus\MacLic.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [iRunMon.exe] C:\Program Files\SmartAP_K2\iRunMon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
O4 - Global Startup: MacName.lnk = C:\Program Files\Conversions Plus\MacName.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ae2247af126648979ba54ac76d1b9407
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ae2247af126648979ba54ac76d1b9407
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MacFormatService - Unknown owner - C:\Program Files\Conversions Plus\FORMATM.EXE" /SERVICE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

however, I don't know whether any problems remain; I need your insight on that
See you
0
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last activity 21 September 2010
6 Dec 2006 at 21:15
re,
tell me how to find and, above all, delete these files:

C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
C:\WINDOWS\system32\s?mbols\w?nspool.exe
C:\WINDOWS\System32\cmnbwe.dll

because I can't manage it
thanks
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
6 Dec 2006 at 22:31
re

right, to delete these files/folders

go to:

Start < My Computer < Local Disk ( C: )

( show hidden files and folders, if they are hidden )

for the 1st: look for the "Program Files" folder

then look for the "Fichiers communs" subfolder and delete this executable: mc-58-12-0000106.exe

same for the others; in fact, you just have to follow the path!

C:\WINDOWS\system32\s?mbols\w?nspool.exe
C:\WINDOWS\System32\cmnbwe.dll

if that's not very clear, don't hesitate to ask your questions!

however, I don't know whether any problems remain; I need your insight on that

how is your PC behaving??? ;-))


++
0
marsattak Posts 79 Registration date Tuesday 5 December 2006 Status Member Last activity 21 September 2010
6 Dec 2006 at 22:58
re,
I restarted the computer and managed to delete 2 of the 3 files
however, the last one: C:\WINDOWS\System32\cmnbwe.dll
I can't find it
I have the impression the computer is working well
thanks in any case
I'll get back to you if I have problems
See you
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
6 Dec 2006 at 23:03
re

ok! :-)

install a firewall!!

kerio

tutorial: to configure and understand Kerio
https://www.vulgarisation-informatique.com/kerio.php


with a bit of reading along the way:

https://sebsauvage.net/safehex.html

security: protecting a computer against Internet malware

See you

;-))

0