Sujet Précédent Sujet Suivant

Aide pour analyse hijackthis

Résolu/Fermé
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015 - 9 févr. 2007 à 14:17
 Utilisateur anonyme - 23 févr. 2007 à 00:24
Bonjour à tous le forum.
Depuis le reformatage de mon disque dur et la réinstalation de windows, je suis infecté parle virus SERWAB quie souhaite que j'installe winantivirus,et je n'arrive pas à le détruire.J'ai fait des recherches sur internet ,et la seule solution pour l'eradiquer est de faire une analyse hijackthis.
J'ai suivi plusieurs tutos traitant le sujet sur les nanalyses hijackthis,et maintenant j'aurai besoin d'aide pour me dire qu'elle fichier effacer du systeme.
Dans l'attente qu'une âme bienveillante veuille bien venir à mon secour,
Cordialement


log hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 17:43:02, on 08/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww.yahoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll


log blacklight

02/08/07 17:45:27 [Info]: BlackLight Engine 1.0.55 initialized
02/08/07 17:45:27 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/08/07 17:45:27 [Note]: 7019 4
02/08/07 17:45:27 [Note]: 7005 0
02/08/07 17:45:32 [Note]: 7006 0
02/08/07 17:45:32 [Note]: 7011 1244
02/08/07 17:45:32 [Note]: 7026 0
02/08/07 17:45:32 [Note]: 7026 0
02/08/07 17:45:37 [Note]: FSRAW library version 1.7.1021
02/08/07 17:51:09 [Note]: 7007 0


log smitfraud

SmitFraudFix v2.138

Rapport fait à 17:44:19,48, 08/02/2007
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jey


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jey\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Jey\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
A voir également:

33 réponses

  • 1
  • 2
Réponse 1 / 33
Utilisateur anonyme
9 févr. 2007 à 15:39
Bonjour

Où est ton anti-virus et ton pare-feu ?

Tu as quoi comme anti-spywares ?
0
Réponse 2 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
9 févr. 2007 à 16:54
mon antivirus et panda internet security et comme anti spyware je dispose de spybot
encor merci de bien vouloir m'aider
0
Réponse 3 / 33
Utilisateur anonyme
9 févr. 2007 à 22:10
Si tu as fait le scan avec Hijackthis en mode sans echec, merci de recommencer et de le faire en mode normal, si non ça ne sert pas à grand chose.
De plus réactive ton antivirus car il n'apparait pas. Tu sembles avoir touché à Hijackthis si c'est le cas dis le moi pour éviter de tourner en rond !

A++
0
Réponse 4 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
10 févr. 2007 à 07:32
Voici la nouvelle analyse demanderen mode normal et avec panda activé.
Quand à hitjackthis,non je n'ai touché à rien il me semble,c'est meme sur
Encore merci à toi pour l'aide que tu veux bien m'apporter, c'est vraiment sympa




Logfile of HijackThis v1.99.1
Scan saved at 07:09:23, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\SRVLOAD.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\AIRPLUS.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\apvxdwin.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww.yahoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe --ports
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: D-Link REG Utility.lnk = C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\Reg.exe
O4 - Global Startup: DWL-G520M Wireless 108G MIMO PCI Adapter Utility.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Windows Host Services (DLLHOST32) - Unknown owner - C:\WINDOWS\system\dllhost.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
0
Utilisateur anonyme
11 févr. 2007 à 01:26
Salut

¤ Clic sur "démarrer", "exécuter", tape: services.msc
Cherche dans la liste la ligne ci-dessous, tu fais un clic droit dessus choisis "propriétés" et régle la sur "désactivé"

- Windows Host Services


¤ Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp

https://www.bitdefender.com/toolbox/


¤ Voici des anti-spywares si tu ne les as pas, télécharge les et scanne complétement ton PC et supprime tout ce qu'ils pourraient te trouver

----> http://www.infos-du-net.com/telecharger/Destroy-Search-Spybot,0301-324.html

Si tu as besoin d'aide avec Sybot regarde ce tutoriel :
--> http://www.tutoriaux-excalibur.com/spybot.htm


A² squared : gratuit en français (fait un scan rusé et colle le rapport ici stp)
----> http://www.infos-du-net.com/telecharger/a-squared,0301-1233.html

Si tu as besoin d'aide avec A-squared regarde ce tutoriel :
--> https://kerio.probb.fr/t223-tuto-pour-a-squared-free


Ad-Aware SE Personal : gratuit en anglais disponible en français voir tutoriel
----> http://www.infos-du-net.com/telecharger/Ad-aware-Personal,0301-244.html

Si tu as besoin d'aide pour Ad-aware regarde ce tutoriel :
--> https://kerio.probb.fr/t207-tutoriel-pour-ad-aware-anti-spyware


Télécharge et installe AVG anti-spyware :
Tu fais un scan complet de ton système, dès qu'il a fini.
Si il te trouve des espions, supprime les. Enregistre le rapport et colle le ici stp

AVG anti-spyware : reste gratuit après la période d'essai en français
---->http://www.infos-du-net.com/telecharger/Anti-Spyware-AVG,0301-7063.html

Si tu as besoin d'aide avec Ewido(devenu AVG-antispyware) regarde ce tutoriel:
--> http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

A++
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
11 févr. 2007 à 09:55
voici deja le rapport de bitdefender

BitDefender Online Scanner



Scan report generated at: Sun, Feb 11, 2007 - 09:47:46





Scan path: A:\;C:\;D:\;E:\;F:\;G:\;







Statistics

Time
00:58:11

Files
476601

Folders
4774

Boot Sectors
5

Archives
2256

Packed Files
63349




Results

Identified Viruses
4

Infected Files
6

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
3




Engines Info

Virus Definitions
419891

Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Program Files\VSAdd-in\VSAdd-in.dll
Infected with: Trojan.Agent.ACL

C:\Program Files\VSAdd-in\VSAdd-in.dll
Disinfection failed

C:\Program Files\VSAdd-in\VSAdd-in.dll
Deleted

C:\WINDOWS\system32\awtstss.dll
Infected with: DeepScan:Generic.Malware.SYddldg.855620B1

C:\WINDOWS\system32\awtstss.dll
Disinfection failed

C:\WINDOWS\system32\awtstss.dll
Delete failed

C:\WINDOWS\system32\efcdbab.dll
Infected with: DeepScan:Generic.Malware.SYddldg.855620B1

C:\WINDOWS\system32\efcdbab.dll
Disinfection failed

C:\WINDOWS\system32\efcdbab.dll
Deleted

C:\WINDOWS\system32\hyemksjr.dll
Infected with: Trojan.Juan.E

C:\WINDOWS\system32\hyemksjr.dll
Disinfection failed

C:\WINDOWS\system32\hyemksjr.dll
Delete failed

C:\WINDOWS\system32\niqsyyqv.exe
Infected with: Trojan.Agent.ACL

C:\WINDOWS\system32\niqsyyqv.exe
Disinfection failed

C:\WINDOWS\system32\niqsyyqv.exe
Deleted

C:\WINDOWS\system32\ssqrr.dll
Infected with: MemScan:Trojan.Vundo.AA

C:\WINDOWS\system32\ssqrr.dll
Disinfection failed

C:\WINDOWS\system32\ssqrr.dll
Delete failed
0
Réponse 6 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
11 févr. 2007 à 11:10
Salut voici les rapports demandés sauf pour a2 5bug d'internet explorer lors du telechargement)
Je reessairai en fin d'apres midi , je doit aller manger chez mes parents encore merci pour ton aide


rapport avg



---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 10:51:35 11/02/2007

+ Résultat de l'analyse:



C:\WINDOWS\system32\awtstss.dll -> Adware.Virtumonde : Ignoré.




Fin du rapport



---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 10:53:42 11/02/2007

+ Résultat de l'analyse:





Fin du rapport



---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 10:36:12 11/02/2007

+ Résultat de l'analyse:



C:\Documents and Settings\Jey\Mes documents\IGN\Pack d'utilitaires pour CD Carto Exploreur par GusD\Cracks\Crack CartoNav-CartoNavPlus.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
C:\Documents and Settings\Jey\Cookies\jey@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Aucune action entreprise.
C:\Documents and Settings\Jey\Cookies\jey@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Aucune action entreprise.


Fin du rapport
0
Réponse 7 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
11 févr. 2007 à 16:41
Salut voici enfin le scan de a 2 mais sache que je n'ai pas encore reussi à faire les mises à jour


Version - a-squared Free 2.1

Réglages Scan:

Objets: Mémoire, Traces, Cookies, C:\WINDOWS\, C:\Program Files
Scan archives: Marche
Heuristiques: Marche
Scan ADS: Marche

Début du scan: 11/02/2007 16:23:46

C:\Documents and Settings\Jey\Cookies\jey@247realmedia[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Jey\Cookies\jey@atdmt[2].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Jey\Cookies\jey@bluestreak[2].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Jey\Cookies\jey@doubleclick[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Jey\Cookies\jey@mediaplex[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Jey\Cookies\jey@weborama[2].txt Détecter: Trace.TrackingCookie

Scanné

Fichiers: 43787
Traces: 84342
Cookies: 52
Processus: 55

Trouver

Fichiers: 0
Traces: 0
Cookies: 6
Processus: 0
Clés de Registre: 0

Fin du Scan: 11/02/2007 16:35:53
Temps du Scan: 00:12:07
0
Réponse 8 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
11 févr. 2007 à 19:27
voici le rapport avec a2 mis à jour



Version - a-squared Free 2.1

Réglages Scan:

Objets: Mémoire, Traces, Cookies, C:\WINDOWS\, C:\Program Files
Scan archives: Marche
Heuristiques: Marche
Scan ADS: Marche

Début du scan: 11/02/2007 18:58:10

C:\Documents and Settings\Jey\Cookies\jey@247realmedia[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Jey\Cookies\jey@atdmt[2].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Jey\Cookies\jey@bluestreak[1].txt Détecter: Trace.TrackingCookie

Scanné

Fichiers: 43794
Traces: 97219
Cookies: 45
Processus: 55

Trouver

Fichiers: 0
Traces: 0
Cookies: 3
Processus: 0
Clés de Registre: 0

Fin du Scan: 11/02/2007 19:10:21
Temps du Scan: 00:12:11
0
Réponse 9 / 33
Utilisateur anonyme
11 févr. 2007 à 20:42
Salut

très bien merci.

¤ Clic sur démarrer, rechercher, cherche et supprime ces fichiers si présents :

awtstss.dll
hyemksjr.dll
ssqrr.dll

**Si un fichier/dossier persiste lors de la suppression fait ceci:
- Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu..
Puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement.


¤ Télécharge VundoFix
http://www.atribune.org/ccount/click.php?id=4

double clic dessus choisis "start for vundo"
attends quelques minutes, quand le scan est terminé clic sur "remove vundo"
un message te demandera si tu veux supprimes les fichiers sur "yes"
Quand il a terminé, clic sur "yes" ton ordinateur devrait redemarrer sinon, fais le par toit même
Une fois qu'il a redemarré colle le rapport C:\vundofix.txt et un nouveau rapport hijackthis stp
0
Réponse 10 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
13 févr. 2007 à 17:53
salut à toi c'est vraiment sympas de m'aider,
mais la je croit que je suis tombé sur un os.
j'ai effectivement le fichier awtstss.dll,mais impossible à supprimer,il me marque ce fichier est utilisé par une autre ressourc.
Meme en mode sans echec (la j'y comprend plus rien),
quand aux deux autres, hyemksjr.dll et ssqrr.dll la recherche n'a rien trouvé.
Existe t il un autre moyen pour le supprimer???
Faut 'il que je te post les analyses que tu m'as demandé ou tu prefers le supprimer avant???
By a plus
0
Réponse 11 / 33
Utilisateur anonyme
13 févr. 2007 à 23:08
Salut

¤ Fait la manipulation avec VundoFix

¤ Recommence un scan complet de ton PC avec AVG antispyware puis supprime ce qu'il te trouvera et colle le rapport ici stp
0
Réponse 12 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
14 févr. 2007 à 19:39
salut,à toi voici le rapport vundofix comme tu me l'as demandé



VundoFix V6.3.6

Checking Java version...

Scan started at 18:06:24 14/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\awtstss.dll
C:\WINDOWS\system32\qvdfxuxb.exe
C:\WINDOWS\System32\rrqss.bak1
C:\WINDOWS\System32\rrqss.bak2
C:\WINDOWS\System32\rrqss.ini
C:\WINDOWS\System32\ssqrr.dll
C:\WINDOWS\system32\vtrwgrkw.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awtstss.dll
C:\WINDOWS\system32\awtstss.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\qvdfxuxb.exe
C:\WINDOWS\system32\qvdfxuxb.exe Has been deleted!

Attempting to delete C:\WINDOWS\System32\rrqss.bak1
C:\WINDOWS\System32\rrqss.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\System32\rrqss.bak2
C:\WINDOWS\System32\rrqss.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\System32\rrqss.ini
C:\WINDOWS\System32\rrqss.ini Has been deleted!

Attempting to delete C:\WINDOWS\System32\ssqrr.dll
C:\WINDOWS\System32\ssqrr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtrwgrkw.dll
C:\WINDOWS\system32\vtrwgrkw.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.6

Checking Java version...

Scan started at 18:22:20 14/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\awtstss.dll
C:\WINDOWS\system32\vtrwgrkw.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awtstss.dll
C:\WINDOWS\system32\awtstss.dll Has been deleted!

Performing Repairs to the registry.
Done!
0
Réponse 13 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
14 févr. 2007 à 19:46
voici le rapport pour avg


---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 19:35:26 14/02/2007

+ Résultat de l'analyse:



C:\VundoFix Backups\awtstss.dll.bad -> Adware.Virtumonde : Ignoré.
C:\Documents and Settings\Jey\Mes documents\IGN\Pack d'utilitaires pour CD Carto Exploreur par GusD\Cracks\Crack CartoNav-CartoNavPlus.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Ignoré.
C:\Documents and Settings\Jey\Cookies\jey@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@nsads.valuead[2].txt -> TrackingCookie.Valuead : Nettoyé.
C:\Documents and Settings\Jey\Cookies\jey@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.


Fin du rapport


et encore merci ;)
0
Réponse 14 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
15 févr. 2007 à 19:36
Salut voici le rapport hitjackthis

Logfile of HijackThis v1.99.1
Scan saved at 19:31:39, on 15/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\SRVLOAD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\AIRPLUS.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - C:\WINDOWS\system32\vtrwgrkw.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {A3467E93-5075-4D52-919C-D4CAAA4C036A} - C:\WINDOWS\System32\ssqrr.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {C47B9ECE-41D4-4ECD-BDDA-E17D068D99C2} - C:\WINDOWS\System32\awtstss.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\system32\mstask.exe
O4 - HKLM\..\RunOnce: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe --ports
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: D-Link REG Utility.lnk = C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\Reg.exe
O4 - Global Startup: DWL-G520M Wireless 108G MIMO PCI Adapter Utility.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {828DFF50-AAF4-48B0-9DE8-EBE915F893EB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: LBTWlgn - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
0
Réponse 15 / 33
Utilisateur anonyme
15 févr. 2007 à 19:47
Salut

Ok, très bien.


¤ Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - C:\WINDOWS\system32\vtrwgrkw.dll (file missing)
O2 - BHO: (no name) - {A3467E93-5075-4D52-919C-D4CAAA4C036A} - C:\WINDOWS\System32\ssqrr.dll (file missing)
O2 - BHO: (no name) - {C47B9ECE-41D4-4ECD-BDDA-E17D068D99C2} - C:\WINDOWS\System32\awtstss.dll (file missing)


¤ Télécharge Spywareblaster
----> spyware blaster

Puis exécute le logiciel pour lui appliquer les protections.
Si tu as besoin d'aide, regarde ce tutoriel pour Spywareblaster
https://kerio.probb.fr/t241-tuto-spywareblaster


¤ Télécharges Blacklight et sauvegarde le sur ton bureau.
https://www.f-secure.com/en
Double cliques sur " blbeta.exe " et acceptes la licence; clic sur "Scan" puis "Next"

Un rapport, va se créer sur ton bureau "fslb-....."
Copies et colles le contenu de ce rapport ici.

Ne touche à rien d'autre!
0
Réponse 16 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
16 févr. 2007 à 14:38
Salut
Voici le rapport blacklight que tu m'as demandé,
j'ai effectué toutes les manips decrites si dessus.
Je te remercie encore pour l'aide precieuse que tu m'apportes.



02/16/07 14:19:38 [Info]: BlackLight Engine 1.0.55 initialized
02/16/07 14:19:38 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/16/07 14:19:38 [Note]: 7019 4
02/16/07 14:19:38 [Note]: 7005 0
02/16/07 14:19:41 [Note]: 7006 0
02/16/07 14:19:41 [Note]: 7011 2340
02/16/07 14:19:42 [Note]: 7026 0
02/16/07 14:19:42 [Note]: 7026 0
02/16/07 14:19:50 [Note]: FSRAW library version 1.7.1021
02/16/07 14:25:38 [Note]: 7007 0
0
Réponse 17 / 33
Utilisateur anonyme
17 févr. 2007 à 14:53
Salut

tu peux jeter Blacklight c'est ok.

Qu'as-tu comme anti-spywares ?
0
Réponse 18 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
17 févr. 2007 à 15:36
salut avec tous ceux que tu m'as fait telecharger,je dispose donc avast,spybot,a2,sinon tu me conseillerai lequel?
J'ai mon antivirus panda qui est arrivé à terme d'expiration,tu me conseillerai quoi comme antivirus firewall.

A propos du virus ,il y a du mieu les fenetres de serwab n'apparaissent plus,mais lorsque je scanne avec avg il me trouve encore le fameux fichier awtstss.dll

Merci à toi pour toute l'aide que tu m'apportes
a plus
0
Réponse 19 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
17 févr. 2007 à 16:30
voici l'analyse avg

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 07:50:32 17/02/2007

+ Résultat de l'analyse:



C:\VundoFix Backups\awtstss.dll.bad -> Adware.Virtumonde : Aucune action entreprise.
C:\Documents and Settings\Jey\Mes documents\IGN\Pack d'utilitaires pour CD Carto Exploreur par GusD\Cracks\Crack CartoNav-CartoNavPlus.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Aucune action entreprise.
C:\Documents and Settings\Jey\Cookies\jey@estat[1].txt -> TrackingCookie.Estat : Aucune action entreprise.


Fin du rapport
0
Réponse 20 / 33
jey13 Messages postés 90 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 25 juillet 2015
17 févr. 2007 à 16:46
re salut en fait il a ete effacer ;je ne le trouve plus dans le system 32 awtstss.dll
internet fonctionne comme il faud,les fenetres n'apparaissent plus,mais parfois j'ai un bug au niveau internet explorer,(il doit fermer)
peux tu me dire si mon pc et toujours infectés,ou si on en as enfin fini avec serwab???
0

Discussions similaires

échec de l'analyse antivirus
StalkerShadows -
ness -

19 réponses
Echec analyse antivirus lors de téléchargement
mathelp_3935 -
Malekal_morte- -

19 réponses
" Échec de l'analyse antivirus " la solution.
bazfile -
bazfile -

0 réponse
Probleme bogue
Ines -
Pimmer -

1 réponse
Échec de l'analyse anti virus.
alice1414 -
bazfile -

3 réponses