Help removing "qfyqakn.dll"

Solved/Closed
Dogue des Flandres Posts: 7 Registered: Friday 29 December 2006 Status: Member Last activity: 16 October 2007 - 29 Dec. 2006 at 13:36
green day Posts: 26371 Registered: Friday 30 September 2005 Status: Moderator, Security contributor Last activity: 27 December 2019 - 30 Dec. 2006 at 23:46
Hello,
When my PC starts, a window named "RUNDLL" appears with the following message: "erreur de chargement c:\documents and settings\olivier\local settings\application data\qfyqakn.dll
le module spécifié est introuvable"

I scanned my PC with several antivirus programs and deleted infected files. It no longer seems to be infected, but this message still appears. When I close the window, there is apparently no malfunction.

Could someone help me get rid of this window for good?

Regards.

9 replies

green day Posts: 26371 Registered: Friday 30 September 2005 Status: Moderator, Security contributor Last activity: 27 December 2019 2 162
29 Dec. 2006 at 13:45
Hi

This DLL belongs to a trojan!

Download this:

Link: HijackThis

Demo: http://pageperso.aol.fr/balltrap34/demohijack.htm

Choose the "do a scan and a logfile" option, then copy and paste the generated report to the forum.

++
Dogue des Flandres Posts: 7 Registered: Friday 29 December 2006 Status: Member Last activity: 16 October 2007
30 Dec. 2006 at 13:54
Hello Green Day,

Sorry for not replying sooner, but my schedule has been busy.
I'm pasting the HijackThis report below; tell me what you think of it.

Logfile of HijackThis v1.99.1
Scan saved at 13:34:45, on 30/12/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\lOGICIELS INSTALLES\kerio personnal firewall-2.1.5\persfw.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
D:\CyberLink\PowerDVD\PDVDServ.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Yahoo\Messenger\YahooMessenger.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\Documents and Settings\olivier\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender8\bdnagent.exe
O4 - HKLM\..\Run: [RemoteControl] D:\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OpwareSE2] "D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gwiz] C:\WINDOWS\System32\ntsystem.exe
O4 - HKLM\..\Run: [qfyqakn.dll] C:\WINDOWS\System32\rundll32.exe "C:\Documents and Settings\olivier\Local Settings\Application Data\qfyqakn.dll",xysmkvf
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0C7CB77D-0416-7220-BF84-6E4911F61CEE} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {1C45936C-7CBF-37AC-29CA-75F9649C2885} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {1E13D570-0B27-136F-EBD2-204D4AB2E50C} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {238615BB-3B77-36CB-18A3-42FD00B1086C} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {250F701F-7BF9-1E95-4536-2FD97E1ED379} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {25192BC4-B25B-3FE8-08E8-42F21CB0901D} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {26AE2B6F-50A4-012A-463E-52D859BD6F72} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {26D4CFAF-EEA7-2C92-E12F-74187D3C6BD5} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {2854FC99-09E8-79D3-7938-03831BC396A8} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {2CAD2083-3373-01B2-49E8-5A7739DE7664} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo\Common\yinsthelper.dll
O16 - DPF: {30EDDED1-68F5-6BEC-EAEC-1BD9524DB5C0} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {311DEBB6-3980-36E2-04F1-7B147D7E5763} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {394EBE91-2FA1-7F3F-9440-56F036800829} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {3E5F0801-D752-0B45-BC94-1E9F7E5343F9} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {58637176-5C72-7A0D-BF8A-21673ABF43BD} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {5BA15D8E-AEBB-2854-0AF4-0DE0710B34B7} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5E06C4FA-0228-58A5-4F08-4EF710473801} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {5F2B2C6D-FF56-37DD-C219-2E827D47C9D1} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {6B094D50-D863-4114-F26F-2CB4571D1D28} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {6C64EB54-4D2B-121A-E557-513B66E67691} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7D864BEA-B951-36F7-F9B2-6D8538AD500D} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {7E512E46-2AD7-6D13-C30F-1B650C432960} - http://85.255.115.229/1/gdnFR2175.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5E331F0-66C1-4C60-8A19-6E187EA198E3}: NameServer = 86.64.145.144 84.103.237.144
O18 - Protocol: bw+0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: sockspy.dll sockspy.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - D:\lOGICIELS INSTALLES\kerio personnal firewall-2.1.5\persfw.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

I look forward to your reply.

The purpose of good is a pleasure that one shares with those who do not know it.
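As an added example (not part of the original posts and not HijackThis's own code), the following Python sketch triages a HijackThis log with three heuristics that match what this log shows: a `Run` entry that launches `rundll32.exe` on a DLL under a user profile, O16 DPF entries whose codebase is an `.exe` on a bare IP address, and entries marked `(no file)` or `(file missing)`. The function and rule names are hypothetical, the sample lines are copied from the log above, and a flag is a prompt for review, not a verdict.

```python
"""Heuristic triage of HijackThis log lines (added example; rule names are hypothetical)."""
import ipaddress
import re
from collections import defaultdict, namedtuple
from urllib.parse import urlsplit

# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [qfyqakn.dll] C:\WINDOWS\System32\rundll32.exe "C:\Documents and Settings\olivier\Local Settings\Application Data\qfyqakn.dll",xysmkvf
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {0C7CB77D-0416-7220-BF84-6E4911F61CEE} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {1C45936C-7CBF-37AC-29CA-75F9649C2885} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
"""

Finding = namedtuple("Finding", "section rule detail")

ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
RUN_RE = re.compile(r"^HK\w+\\\.\.\\Run\w*: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
RUNDLL_RE = re.compile(
    r'rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+)"?\s*,\s*(?P<export>\S+)', re.I)
USER_DIR_RE = re.compile(r"\\(?:documents and settings|users)\\[^\\]+\\", re.I)
DPF_RE = re.compile(
    r"^DPF: (?P<clsid>\{[0-9A-Fa-f-]+\})(?: \((?P<name>[^)]*)\))? - (?P<codebase>.+)$")


def host_is_ip_literal(url):
    """True when the URL's host is a bare IPv4/IPv6 address rather than a name."""
    try:
        host = urlsplit(url).hostname
        ipaddress.ip_address(host or "")
        return True
    except ValueError:
        return False


def triage(log_text):
    """Return a list of Finding tuples for the lines that match a heuristic."""
    findings = []
    clsids_by_codebase = defaultdict(set)
    for raw in log_text.splitlines():
        entry = ENTRY_RE.match(raw.strip())
        if not entry:
            continue  # header lines, process list, blank lines
        section, body = entry["section"], entry["body"]

        # HijackThis itself marks entries whose target no longer exists.
        if body.endswith(("(no file)", "(file missing)")):
            findings.append(Finding(section, "orphaned-entry", body))

        if section == "O4":
            run = RUN_RE.match(body)
            dll = RUNDLL_RE.search(run["cmd"]) if run else None
            # A Run value that loads a DLL from a user-writable profile folder.
            # If the DLL was deleted but the value kept, rundll32 shows a
            # "module not found" dialog at every logon.
            if dll and USER_DIR_RE.search(dll["dll"]):
                findings.append(Finding(
                    section, "rundll32-user-profile",
                    f"{dll['dll']} export={dll['export']}"))

        elif section == "O16":
            dpf = DPF_RE.match(body)
            if not dpf:
                continue
            codebase = dpf["codebase"]
            clsids_by_codebase[codebase].add(dpf["clsid"].upper())
            is_exe = urlsplit(codebase).path.lower().endswith(".exe")
            if host_is_ip_literal(codebase) and is_exe:
                findings.append(Finding(section, "ip-exe-codebase",
                                        f"{dpf['clsid']} -> {codebase}"))

    # Many different CLSIDs registered against one download URL.
    for codebase, clsids in clsids_by_codebase.items():
        if len(clsids) > 1:
            findings.append(Finding("O16", "shared-codebase",
                                    f"{len(clsids)} CLSIDs share {codebase}"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:<4}{f.rule:<24}{f.detail}")
```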
green day Posts: 26371 Registered: Friday 30 September 2005 Status: Moderator, Security contributor Last activity: 27 December 2019 2 162
30 Dec. 2006 at 14:22
Hi

OK, traces of Wareout, but anyway...

Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:

O16 - DPF: {0C7CB77D-0416-7220-BF84-6E4911F61CEE} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {1C45936C-7CBF-37AC-29CA-75F9649C2885} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {1E13D570-0B27-136F-EBD2-204D4AB2E50C} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {238615BB-3B77-36CB-18A3-42FD00B1086C} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {250F701F-7BF9-1E95-4536-2FD97E1ED379} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {25192BC4-B25B-3FE8-08E8-42F21CB0901D} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {26AE2B6F-50A4-012A-463E-52D859BD6F72} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {26D4CFAF-EEA7-2C92-E12F-74187D3C6BD5} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {2854FC99-09E8-79D3-7938-03831BC396A8} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {2CAD2083-3373-01B2-49E8-5A7739DE7664} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo\Common\yinsthelper.dll
O16 - DPF: {30EDDED1-68F5-6BEC-EAEC-1BD9524DB5C0} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {311DEBB6-3980-36E2-04F1-7B147D7E5763} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {394EBE91-2FA1-7F3F-9440-56F036800829} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {3E5F0801-D752-0B45-BC94-1E9F7E5343F9} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {58637176-5C72-7A0D-BF8A-21673ABF43BD} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {5BA15D8E-AEBB-2854-0AF4-0DE0710B34B7} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5E06C4FA-0228-58A5-4F08-4EF710473801} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {5F2B2C6D-FF56-37DD-C219-2E827D47C9D1} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {6B094D50-D863-4114-F26F-2CB4571D1D28} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {6C64EB54-4D2B-121A-E557-513B66E67691} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/
O16 - DPF: {7D864BEA-B951-36F7-F9B2-6D8538AD500D} - http://85.255.115.229/1/gdnFR2175.exe
O16 - DPF: {7E512E46-2AD7-6D13-C30F-1B650C432960} - http://85.255.115.229/1/gdnFR2175.exe



O18 - Protocol: bw+0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Next, please do steps 1/ and 2/ from this link:

Virus: preliminary disinfection method (French version)

See you

;-))
0
Dogue des Flandres Posts 7 Registration date Friday 29 December 2006 Status Member Last activity 16 October 2007
30 Dec. 2006 at 18:04
Hi Green Day,

Done: with Hijack I fixed the files you indicated, and a folder named "backups" was created.
Then I ran AVG and deleted the infected files. Then I ran BitDefender online and also deleted the infected files, not forgetting to save a report each time, which I attach for you.

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 16:04:22 30/12/2006

+ Résultat de l'analyse:



C:\WINDOWS\system32\czpeexk.dll -> Downloader.Busky.r : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.18:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.19:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.20:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.21:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.22:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\Documents and Settings\olivier\Cookies\olivier@adbrite[2].txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.145:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.33:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.34:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.35:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.36:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.155:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.23:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.24:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.63:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.156:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.157:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
C:\Documents and Settings\olivier\Cookies\olivier@ivwbox[1].txt -> TrackingCookie.Ivwbox : Aucune action entreprise.
:mozilla.45:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.10:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.11:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.12:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\olivier\Cookies\olivier@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.37:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.38:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.13:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\olivier\Cookies\olivier@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.160:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.161:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.162:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.


Fin du rapport

Apparently the worrying one is the first file, "Busky.r"


Attached is the report from:
BitDefender Online Scanner



Scan report generated at: Sat, Dec 30, 2006 - 17:42:01

Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;

Statistics
Time: 01:27:40
Files: 237422
Folders: 6009
Boot Sectors: 3
Archives: 1970
Packed Files: 16429

Results
Identified Viruses: 2
Infected Files: 2
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 2

Engines Info
Virus Definitions: 363477
Engine build: AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\Content.IE5\CD2J4DUR\gdnFR2175[1].exe | Infected with: Trojan.Obfuscated.2.Gen
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\Content.IE5\CD2J4DUR\gdnFR2175[1].exe | Disinfection failed
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\Content.IE5\CD2J4DUR\gdnFR2175[1].exe | Deleted
C:\System Volume Information\_restore{1088A5AE-E53E-41E6-9D3C-9E89920F734B}\RP2\A0000136.dll | Infected with: Trojan.Obfus.Gen
C:\System Volume Information\_restore{1088A5AE-E53E-41E6-9D3C-9E89920F734B}\RP2\A0000136.dll | Disinfection failed
C:\System Volume Information\_restore{1088A5AE-E53E-41E6-9D3C-9E89920F734B}\RP2\A0000136.dll | Deleted


There you go, tell me if there is anything else I still need to do.
See you
0

green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
30 Dec. 2006 at 18:51
OK, please post a new Hijack report

See you
0
Dogue des Flandres Posts 7 Registration date Friday 29 December 2006 Status Member Last activity 16 October 2007
30 Dec. 2006 at 19:05
Well, here is a new report


Logfile of HijackThis v1.99.1
Scan saved at 19:02:01, on 30/12/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\lOGICIELS INSTALLES\kerio personnal firewall-2.1.5\persfw.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
D:\CyberLink\PowerDVD\PDVDServ.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
D:\Program Files\Yahoo\Messenger\YahooMessenger.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\olivier\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender8\bdnagent.exe
O4 - HKLM\..\Run: [RemoteControl] D:\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OpwareSE2] "D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gwiz] C:\WINDOWS\System32\ntsystem.exe
O4 - HKLM\..\Run: [qfyqakn.dll] C:\WINDOWS\System32\rundll32.exe "C:\Documents and Settings\olivier\Local Settings\Application Data\qfyqakn.dll",xysmkvf
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5E331F0-66C1-4C60-8A19-6E187EA198E3}: NameServer = 86.64.145.144 84.103.237.144
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {92ADD575-915F-40FB-8AE1-CB3EFB51AA60} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: sockspy.dll sockspy.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - D:\lOGICIELS INSTALLES\kerio personnal firewall-2.1.5\persfw.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Awaiting your diagnosis,
See you
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
30 Dec. 2006 at 21:27
Hi again

OK,

# Disable System Restore

* Click the Start button.
* Right-click My Computer, then click Properties.
* In the System Restore tab, select the option Turn off System Restore or Turn off System Restore on all drives

(you can re-enable it at the end of the procedure)

# Run HijackThis again: choose "do a scan only", tick the box in front of the lines below, and click "fix checked" at the bottom:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)


O4 - HKLM\..\Run: [RemoteControl] D:\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OpwareSE2] "D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gwiz] C:\WINDOWS\System32\ntsystem.exe
O4 - HKLM\..\Run: [qfyqakn.dll] C:\WINDOWS\System32\rundll32.exe "C:\Documents and Settings\olivier\Local Settings\Application Data\qfyqakn.dll",xysmkvf

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\3wqodpyl.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html

Next, download and run this:

* CleanUp40 (removes temporary files + cookies; free)
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

Tutorial (thanks to Balltrap): http://pageperso.aol.fr/balltrap34/democleanup.htm

* CCleaner: download and install this; in the left-hand column click "erreurs", tick all the boxes, then click "chercher des erreurs" at the bottom. Once it has finished, click "reparer les erreurs"; you will get a message asking to back up your registry, answer "oui", then repeat until it finds no more errors.

* Run CCleaner again, go to the "nettoyeur" tab on the left, untick the last box (Avancé, if it is ticked), then click "lancer le nettoyage"

ccleaner

Tutorial: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

Let me know what problems remain, if any. See you

;-))


One can also build something beautiful with the stones that block the path (J.W. VON GOETHE)
0
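Added example, not part of the thread: a triage of the O4 `Run` lines from the log above that flags entries where rundll32 loads a DLL from a user profile directory, and entries whose target is gone from disk (a Run value left pointing at a deleted DLL is what produces the RUNDLL "module not found" box at startup). The log lines are copied from the thread; the `EXISTING_FILES` set and all function names are assumptions made for this example.

```python
import re
from typing import NamedTuple

# O4 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gwiz] C:\WINDOWS\System32\ntsystem.exe
O4 - HKLM\..\Run: [qfyqakn.dll] C:\WINDOWS\System32\rundll32.exe "C:\Documents and Settings\olivier\Local Settings\Application Data\qfyqakn.dll",xysmkvf
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
'''

# Constructed for this example: files assumed to be present on disk after the
# antivirus deleted the DLL (the thread does not list the disk contents).
EXISTING_FILES = {p.lower() for p in (
    r"C:\WINDOWS\System32\rundll32.exe",
    r"C:\Program Files\QuickTime\qttask.exe",
    r"C:\WINDOWS\System32\ntsystem.exe",
    r"C:\WINDOWS\System32\ctfmon.exe",
)}

# Directories a non-admin user (and malware running as that user) can write to.
USER_WRITABLE = ("\\documents and settings\\", "\\temp\\",
                 "\\temporary internet files\\")

# Matches registry autoruns only; "Global Startup" shortcuts are skipped.
RUN_LINE = re.compile(
    r'^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>.*?)\] (?P<cmd>.+)$')


class Finding(NamedTuple):
    name: str       # value name under the Run key
    key: str        # e.g. HKLM\..\Run
    target: str     # file that actually gets loaded
    export: str     # rundll32 entry point, empty for plain executables
    reasons: tuple


def split_command(cmd):
    """Split a Run value into (image path, remaining arguments)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end == -1:
            return cmd[1:], ""
        return cmd[1:end], cmd[end + 1:].strip()
    # Unquoted paths may contain spaces: cut at the first executable extension.
    m = re.match(r'(.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s+(.*))?$', cmd, re.I)
    if m:
        return m.group(1), m.group(2) or ""
    head, _, rest = cmd.partition(" ")
    return head, rest


def parse_rundll_args(args):
    """Return (dll path, export name) from rundll32 arguments."""
    m = re.match(r'\s*(?:"([^"]+)"|([^,\s]+))\s*,?\s*(\S*)', args)
    if not m:
        return "", ""
    return m.group(1) or m.group(2), m.group(3)


def triage(log_text, existing_files):
    """Flag Run entries that deserve a closer look before anything is fixed."""
    findings = []
    for line in log_text.splitlines():
        m = RUN_LINE.match(line.strip())
        if not m:
            continue
        image, args = split_command(m["cmd"])
        target, export, reasons = image, "", []
        if image.lower().rsplit("\\", 1)[-1] in ("rundll32.exe", "rundll32"):
            target, export = parse_rundll_args(args)
            if any(d in target.lower() for d in USER_WRITABLE):
                reasons.append("rundll32 loads a DLL from a user-writable profile path")
        # Bare names such as SOUNDMAN.EXE resolve via the search path; skip them.
        if re.match(r"^[a-z]:\\", target, re.I) and target.lower() not in existing_files:
            reasons.append("target file missing on disk")
        if reasons:
            findings.append(Finding(m["name"], m["hive"] + "\\..\\" + m["key"],
                                    target, export, tuple(reasons)))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG, EXISTING_FILES):
        print(f.name, "->", f.target, f.export, list(f.reasons))
```

On a live machine the `existing_files` set would be replaced by a real existence check on each target path.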
Dogue des Flandres Posts 7 Registration date Friday 29 December 2006 Status Member Last activity 16 October 2007
30 Dec. 2006 at 22:59
Hi,

Phew, it seems to be working way better than before; my PC starts up blazingly fast and I no longer get that alert message.

A few more points to clear up, please:
- What do I do with the "backups" folder that was generated by Hijack?
- What do I do with the registry backups saved by CCleaner?
- I assume that since AVG is a trial version, I can uninstall it. I have BitDefender Professional 8 but I am wondering whether I will switch later on. What could you recommend instead?
- Do you think I risk having bugs in my software, or should it work as before?

In any case, a thousand thanks and well done, because my problem is solved.

"Until a man has discovered something he would be ready to die for, he is not fit to live."
[ Martin Luther King ]

See you
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
30 Dec. 2006 at 23:46
Hi again!


- What do I do with the "backups" folder that was generated by Hijack?


This folder is used to restore a fixed line in case of trouble; if your PC shows no adverse reaction, you can delete it without any problem!

- What do I do with the registry backups saved by CCleaner?


Same!

- I assume that since AVG is a trial version, I can uninstall it.

No, this software is completely free! Keep it, update it and use it regularly!

I have BitDefender Professional 8 but I am wondering whether I will switch later on. What could you recommend instead?

Personally, I find this "all-in-one" software => a bit meh, and the built-in firewall even more meh!

If you switch: install Avast as antivirus (not bad at all and free, or PC-cillin, which I also find pretty good) and a firewall such as Kerio or ZoneAlarm (both very good and also free!)

- Do you think I risk having bugs in my software, or should it work as before?

Which software???

Some reading:

https://sebsauvage.net/safehex.html

Security: protecting a computer against Internet malware


==> you're a thousand times welcome ;-))

See you

PS: very nice quotes ^^
0