Pages internet qui s'ouvrent seules

Résolu
bleu en informatique -  
^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   -
bonjour, j'ai des pages internet qui s'ouvre toutes seules, voici mon hijack. si quelqu'un peut m'aider svp.

Logfile of HijackThis v1.99.1
Scan saved at 08:18:07, on 01/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
E:\Lotus\Notes\ntmulti.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://nec-computers.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {67A0AB0C-D84A-4F80-ADB7-94A050DC623F} - C:\WINDOWS\system32\gebcb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {A22BEDA9-E441-44DD-8007-8FC47C451237} - C:\WINDOWS\system32\iifgfef.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: LISTE AGENTS.xls.lnk = E:\Reptrav_LFKC\LISTE AGENTS.xls
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MAIRIE.COM
O17 - HKLM\Software\..\Telephony: DomainName = MAIRIE.COM
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MAIRIE.COM
O20 - Winlogon Notify: gebcb - C:\WINDOWS\system32\gebcb.dll
O20 - Winlogon Notify: iifgfef - C:\WINDOWS\SYSTEM32\iifgfef.dll
O20 - Winlogon Notify: winxia32 - C:\WINDOWS\SYSTEM32\winxia32.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - E:\Lotus\Notes\ntmulti.exe
O23 - Service: OracleOraHome81ClientCache - Unknown owner - e:\oracle\ora817\BIN\ONRSD.EXE
Configuration: Windows XP pro 2002
Internet Explorer 6.0

12 réponses

  1. Utilisateur anonyme
     
    Salut

    Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

    O2 - BHO: (no name) - {2767DD97-FC86-44FD-9665-0DC339C3749C} - C:\WINDOWS\system32\gebcb.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {A22BEDA9-E441-44DD-8007-8FC47C451237} - C:\WINDOWS\system32\iifgfef.dll (file missing)
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

    ¤ ¤ Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
    Une fois qu'il a terminé colle le rapport ici stp

    https://www.bitdefender.com/toolbox/
    2
    1. bleu en informatique
       
      BitDefender Online Scanner



      Scan report generated at: Tue, Mar 20, 2007 - 08:49:24





      Scan path: A:\;C:\;E:\;F:\;I:\;







      Statistics

      Time
      00:54:48

      Files
      467762

      Folders
      5408

      Boot Sectors
      5

      Archives
      8061

      Packed Files
      57286




      Results

      Identified Viruses
      8

      Infected Files
      70

      Suspect Files
      0

      Warnings
      0

      Disinfected
      0

      Deleted Files
      70




      Engines Info

      Virus Definitions
      405805

      Engine build
      AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

      Scan plugins
      14

      Archive plugins
      38

      Unpack plugins
      6

      E-mail plugins
      6

      System plugins
      1




      Scan Settings

      First Action
      Disinfect

      Second Action
      Delete

      Heuristics
      Yes

      Enable Warnings
      Yes

      Scanned Extensions
      *;

      Exclude Extensions


      Scan Emails
      Yes

      Scan Archives
      Yes

      Scan Packed
      Yes

      Scan Files
      Yes

      Scan Boot
      Yes




      Scanned File
      Status

      C:\Documents and Settings\FUNG-KWOK-CHINE\Local Settings\Application Data\zhyswdh.dll
      Infected with: Trojan.Obfus.Gen

      C:\Documents and Settings\FUNG-KWOK-CHINE\Local Settings\Application Data\zhyswdh.dll
      Disinfection failed

      C:\Documents and Settings\FUNG-KWOK-CHINE\Local Settings\Application Data\zhyswdh.dll
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021222.exe
      Infected with: Trojan.Downloader.Tiny.FK

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021222.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021222.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021223.exe
      Infected with: Trojan.Obfus.Gen

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021223.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021223.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021224.exe
      Infected with: Win32.Worm.P2P.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021224.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021224.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021490.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021490.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP132\A0021490.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021612.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021612.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021612.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021697.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021697.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021697.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021698.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021698.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021698.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021703.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021703.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021703.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021723.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021723.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021723.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021777.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021777.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021777.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021778.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021778.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP133\A0021778.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP134\A0022128.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP134\A0022128.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP134\A0022128.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP134\A0022212.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP134\A0022212.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP134\A0022212.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022326.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022326.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022326.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022327.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022327.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022327.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022329.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022329.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022329.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022330.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022330.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022330.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022331.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022331.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022331.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022332.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022332.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022332.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022333.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022333.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022333.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022334.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022334.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022334.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022335.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022335.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022335.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022336.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022336.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022336.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022337.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022337.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022337.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022338.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022338.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022338.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022339.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022339.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022339.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022340.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022340.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022340.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022342.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022342.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022342.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022343.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022343.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022343.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022344.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022344.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022344.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022409.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022409.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP135\A0022409.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP136\A0022649.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP136\A0022649.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP136\A0022649.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022693.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022693.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022693.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022694.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022694.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022694.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022695.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022695.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022695.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022696.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022696.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022696.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022697.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022697.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022697.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022698.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022698.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022698.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022699.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022699.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022699.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022700.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022700.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022700.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022701.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022701.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022701.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022702.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022702.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022702.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022703.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022703.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022703.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022704.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022704.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022704.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022705.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022705.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022705.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022706.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022706.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022706.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022707.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022707.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022707.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022708.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022708.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022708.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022709.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022709.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022709.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022710.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022710.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022710.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022711.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022711.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022711.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022712.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022712.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022712.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022713.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022713.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022713.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022714.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022714.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022714.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022715.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022715.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022715.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022716.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022716.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022716.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022717.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022717.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022717.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022718.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022718.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022718.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022720.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022720.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022720.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022721.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022721.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022721.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022722.exe
      Infected with: Trojan.Downloader.Agent.AQG

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022722.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022722.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022871.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022871.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022871.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022969.exe
      Infected with: Dropped:Dialer.Udia.A

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022969.exe
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022969.exe
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022978.dll
      Infected with: Trojan.Juan.E

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022978.dll
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022978.dll
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022981.dll
      Infected with: Trojan.Agent.QT

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022981.dll
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP137\A0022981.dll
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP142\A0023701.dll
      Infected with: Trojan.Busky.2.Gen

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP142\A0023701.dll
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP142\A0023701.dll
      Deleted

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP150\A0024070.dll
      Infected with: Trojan.Obfus.Gen

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP150\A0024070.dll
      Disinfection failed

      C:\System Volume Information\_restore{CF0A9A7F-8DC2-43A2-831C-BC1C2507589B}\RP150\A0024070.dll
      Deleted

      C:\WINDOWS\system32\ctvfxle.dll
      Infected with: Trojan.Busky.2.Gen

      C:\WINDOWS\system32\ctvfxle.dll
      Disinfection failed

      C:\WINDOWS\system32\ctvfxle.dll
      Deleted

      C:\WINDOWS\system32\zhyswdh.dll
      Infected with: Trojan.Obfus.Gen

      C:\WINDOWS\system32\zhyswdh.dll
      Disinfection failed

      C:\WINDOWS\system32\zhyswdh.dll
      Deleted
      0
  2. Utilisateur anonyme
     
    Salut

    Télécharge et installe AVG anti-spyware :
    Tu fais un scan complet de ton système, dès qu'il a fini.
    Si il te trouve des espions, supprime les. Enregistre le rapport et colle le ici stp

    AVG anti-spyware : reste gratuit après la période d'essai en français
    ---->http://www.infos-du-net.com/telecharger/Anti-Spyware-AVG,0301-7063.html

    Si tu as besoin d'aide avec Ewido(devenu AVG-antispyware) regarde ce tutoriel:
    --> http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

    Avec un nouveau rapport hijackthis ;-)
    1
    1. bleu en informatique
       
      voilà les 2 rapports demandés.

      ---------------------------------------------------------
      AVG Anti-Spyware - Rapport d'analyse
      ---------------------------------------------------------

      + Créé à: 12:56:03 19/03/2007

      + Résultat de l'analyse:



      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
      C:\Documents and Settings\FUNG-KWOK-CHINE\Cookies\fung-kwok-chine@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.


      Fin du rapport




      Logfile of HijackThis v1.99.1
      Scan saved at 13:00:12, on 19/03/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
      C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
      C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
      c:\APPS\HIDSERVICE\HIDSERVICE.exe
      C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
      C:\Program Files\CA\eTrust Antivirus\InoRT.exe
      C:\Program Files\CA\eTrust Antivirus\InoTask.exe
      C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
      E:\Lotus\Notes\ntmulti.exe
      c:\APPS\Powercinema\Kernel\TV\CLSched.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\SOUNDMAN.EXE
      C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      C:\Apps\Powercinema\PCMService.exe
      C:\PROGRA~1\CA\ETRUST~1\realmon.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
      E:\Lotus\Notes\NLNOTES.EXE
      E:\Lotus\Notes\ntaskldr.EXE
      C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
      E:\sm\rh\Bin\rh.exe
      C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
      C:\WINDOWS\system32\wuauclt.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://nec-computers.fr/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {2767DD97-FC86-44FD-9665-0DC339C3749C} - C:\WINDOWS\system32\gebcb.dll (file missing)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O2 - BHO: (no name) - {A22BEDA9-E441-44DD-8007-8FC47C451237} - C:\WINDOWS\system32\iifgfef.dll (file missing)
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
      O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      O4 - Startup: LISTE AGENTS.xls.lnk = E:\Reptrav_LFKC\LISTE AGENTS.xls
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MAIRIE.COM
      O17 - HKLM\Software\..\Telephony: DomainName = MAIRIE.COM
      O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MAIRIE.COM
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
      O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
      O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
      O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
      O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
      O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
      O23 - Service: Multi-user Cleanup Service - IBM Corp - E:\Lotus\Notes\ntmulti.exe
      O23 - Service: OracleOraHome81ClientCache - Unknown owner - e:\oracle\ora817\BIN\ONRSD.EXE
      0
  3. tenon
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:50:48, on 04/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\CTHELPER.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\documents and settings\avi\local settings\application data\ksdfgiunds.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Larousse\Petit Larousse 2008\bin\Hyperappel.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Radio France Toolbar - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files\Radio_France\tbRadi.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ksdfgiunds] c:\documents and settings\avi\local settings\application data\ksdfgiunds.exe ksdfgiunds
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Hyperappel du Petit Larousse 2008.lnk = C:\Program Files\Larousse\Petit Larousse 2008\bin\Hyperappel.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O18 - Protocol: bw+0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {B7D06155-E4E3-4737-B1C4-FC13E4341825} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    1
    1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
       
      Bonjour,

      CREER SON PROPRE TOPIK

      Il serait préférable que tu crées ton propre « topik » message personnel. Cela rendra le poste (ici) plus compréhensible, et nous pourrons traiter ton soucis avec plus d’efficacité.
      Donc
      Fais ce qui suit, SVP
      http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm
      Merci
      A++
      http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm

      A++
      0
  4. Utilisateur anonyme
     
    Salut

    Télécharge VundoFix
    http://www.atribune.org/ccount/click.php?id=4

    Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu..

    double clic dessus choisis "start for vundo"
    attends quelques minutes, quand le scan est terminé clic sur "remove vundo"
    un message te demandera si tu veux supprimes les fichiers sur "yes"
    Quand il a terminé, clic sur "yes" ton ordinateur devrait redemarrer sinon, fais le par toit même
    Une fois qu'il a redemarré colle le rapport C:\vundofix.txt et un nouveau rapport hijackthis stp
    0
    1. bleu en informatique
       
      voici les 2 rapport

      VundoFix V6.3.9

      Checking Java version...

      Java version is 1.5.0.4

      Java version is 1.5.0.6

      Scan started at 07:56:31 02/03/2007

      Listing files found while scanning....

      C:\WINDOWS\system32\bcbeg.bak1
      C:\WINDOWS\system32\bcbeg.bak2
      C:\WINDOWS\system32\bcbeg.ini
      C:\WINDOWS\system32\bxmhxdru.dll
      C:\WINDOWS\system32\gebcb.dll
      C:\WINDOWS\system32\iifgfef.dll
      C:\WINDOWS\system32\winxia32.dll

      Beginning removal...

      Attempting to delete C:\WINDOWS\system32\bcbeg.bak1
      C:\WINDOWS\system32\bcbeg.bak1 Has been deleted!

      Attempting to delete C:\WINDOWS\system32\bcbeg.bak2
      C:\WINDOWS\system32\bcbeg.bak2 Has been deleted!

      Attempting to delete C:\WINDOWS\system32\bcbeg.ini
      C:\WINDOWS\system32\bcbeg.ini Has been deleted!

      Attempting to delete C:\WINDOWS\system32\bxmhxdru.dll
      C:\WINDOWS\system32\bxmhxdru.dll Has been deleted!

      Attempting to delete C:\WINDOWS\system32\gebcb.dll
      C:\WINDOWS\system32\gebcb.dll Has been deleted!

      Attempting to delete C:\WINDOWS\system32\iifgfef.dll
      C:\WINDOWS\system32\iifgfef.dll Has been deleted!

      Attempting to delete C:\WINDOWS\system32\winxia32.dll
      C:\WINDOWS\system32\winxia32.dll Has been deleted!

      Performing Repairs to the registry.
      Done!


      Logfile of HijackThis v1.99.1
      Scan saved at 08:05:32, on 02/03/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
      C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
      C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
      c:\APPS\HIDSERVICE\HIDSERVICE.exe
      C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
      C:\Program Files\CA\eTrust Antivirus\InoRT.exe
      C:\Program Files\CA\eTrust Antivirus\InoTask.exe
      C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
      C:\WINDOWS\Explorer.EXE
      E:\Lotus\Notes\ntmulti.exe
      c:\APPS\Powercinema\Kernel\TV\CLSched.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      C:\Apps\Powercinema\PCMService.exe
      C:\PROGRA~1\CA\ETRUST~1\realmon.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\WINDOWS\system32\taskmgr.exe
      C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://nec-computers.fr/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {2767DD97-FC86-44FD-9665-0DC339C3749C} - C:\WINDOWS\system32\gebcb.dll (file missing)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O2 - BHO: (no name) - {A22BEDA9-E441-44DD-8007-8FC47C451237} - C:\WINDOWS\system32\iifgfef.dll (file missing)
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
      O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      O4 - Startup: LISTE AGENTS.xls.lnk = E:\Reptrav_LFKC\LISTE AGENTS.xls
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MAIRIE.COM
      O17 - HKLM\Software\..\Telephony: DomainName = MAIRIE.COM
      O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MAIRIE.COM
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
      O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
      O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
      O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
      O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
      O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
      O23 - Service: Multi-user Cleanup Service - IBM Corp - E:\Lotus\Notes\ntmulti.exe
      O23 - Service: OracleOraHome81ClientCache - Unknown owner - e:\oracle\ora817\BIN\ONRSD.EXE
      0
    2. bleu en informatique
       
      ça à l'air d'aller mieux maintenant, mais pouvez vous me le confirmer d'après les 2 derniers rapport. Merci
      0
    3. bleu en informatique
       
      les pages ont l'air de ne plus s'ouvrir, j'ai posté les 2 rapports mais vous n'avez pas encore dit si c'était OK.
      Pourriez vous me le confirmer. Merci
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Connais tu ceci :

    - E:\sm\rh\Bin\rh.exe << ?

    Puis fait ceci :

    Alors ceci : C:\System Volume Information\_restore (voir rapport Bitdefender)
    Indique que ta restauration du système etait infecté ou est infecté, pour être sûr, nous allons créer un point propre.

    Clic sur "demarrer", clic droit sur "poste de travail", "propriétés", onglet "restauration du système"

    ¤ coches la case "désactiver la restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
    ¤ décoches la case et clic sur "appliquer" puis "ok".

    Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre :

    Clic sur "démarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, clic sur "créer" puis "ok".

    Voilà, maintenant le point de restauration est créé
    Si un jour tu le décides, tu pourras revenir en arrière à la date que tu as créé ce point de restauration.
    En exécutant la restauration du système tu pourras remettre ton ordinateur à la date ou l'on à créé ce point de restauration mais tu perdras les modifications que tu aura faites entre deux.

    ¤ - Ouvre HijackThis

    Clic sur "open the misc tools section"
    Clic sur "open uninstall manager"
    Clic sur "Save list" dans la fenêtre qui va s'ouvrir enregistre le fichier à un endroit ou tu le retrouvera facilement.

    Ensuite, fais un copier du texte qui y aura dans ce fichier puis colles le ici stp
    0
    1. bleu en informatique
       
      E:\sm\rh\Bin\rh.exe : c'est un logiciel avec lequel je travaille

      voici le rapport de la "save list"

      3GP Video Converter 3
      Adobe Flash Player 9 ActiveX
      Adobe Reader 7.0 - Français
      CA eTrust Antivirus
      CDex extraction audio
      Correctif Windows XP - KB873339
      Correctif Windows XP - KB885250
      Correctif Windows XP - KB885835
      Correctif Windows XP - KB885836
      Correctif Windows XP - KB886185
      Correctif Windows XP - KB887472
      Correctif Windows XP - KB887742
      Correctif Windows XP - KB888113
      Correctif Windows XP - KB888302
      Correctif Windows XP - KB890859
      Correctif Windows XP - KB891781
      DVD Audio Extractor 4.2.0
      Gestionnaire de contacts professionnels pour Outlook 2003
      Google Toolbar for Internet Explorer
      HijackThis 1.99.1
      Hijackthis Version Française 1.99.0.1
      J2SE Runtime Environment 5.0 Update 4
      J2SE Runtime Environment 5.0 Update 6
      Lecteur Windows Media 10
      Lotus Notes 6.51 fr
      Macromedia Shockwave Player
      Microsoft .NET Framework 1.1
      Microsoft .NET Framework 1.1
      Microsoft .NET Framework 1.1 French Language Pack
      Microsoft .NET Framework 1.1 Hotfix (KB886903)
      Microsoft Office Professional Edition 2003
      Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
      Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
      Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
      Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
      Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
      Mise à jour de sécurité pour Windows XP (KB890046)
      Mise à jour de sécurité pour Windows XP (KB893066)
      Mise à jour de sécurité pour Windows XP (KB893756)
      Mise à jour de sécurité pour Windows XP (KB896358)
      Mise à jour de sécurité pour Windows XP (KB896422)
      Mise à jour de sécurité pour Windows XP (KB896423)
      Mise à jour de sécurité pour Windows XP (KB896424)
      Mise à jour de sécurité pour Windows XP (KB896428)
      Mise à jour de sécurité pour Windows XP (KB899587)
      Mise à jour de sécurité pour Windows XP (KB899589)
      Mise à jour de sécurité pour Windows XP (KB899591)
      Mise à jour de sécurité pour Windows XP (KB900725)
      Mise à jour de sécurité pour Windows XP (KB901017)
      Mise à jour de sécurité pour Windows XP (KB901190)
      Mise à jour de sécurité pour Windows XP (KB901214)
      Mise à jour de sécurité pour Windows XP (KB902400)
      Mise à jour de sécurité pour Windows XP (KB904706)
      Mise à jour de sécurité pour Windows XP (KB905414)
      Mise à jour de sécurité pour Windows XP (KB905749)
      Mise à jour de sécurité pour Windows XP (KB905915)
      Mise à jour de sécurité pour Windows XP (KB908519)
      Mise à jour de sécurité pour Windows XP (KB911562)
      Mise à jour de sécurité pour Windows XP (KB911567)
      Mise à jour de sécurité pour Windows XP (KB911927)
      Mise à jour de sécurité pour Windows XP (KB912919)
      Mise à jour de sécurité pour Windows XP (KB913580)
      Mise à jour de sécurité pour Windows XP (KB914388)
      Mise à jour de sécurité pour Windows XP (KB914389)
      Mise à jour de sécurité pour Windows XP (KB916281)
      Mise à jour de sécurité pour Windows XP (KB917159)
      Mise à jour de sécurité pour Windows XP (KB917344)
      Mise à jour de sécurité pour Windows XP (KB917422)
      Mise à jour de sécurité pour Windows XP (KB917953)
      Mise à jour de sécurité pour Windows XP (KB918118)
      Mise à jour de sécurité pour Windows XP (KB918439)
      Mise à jour de sécurité pour Windows XP (KB918899)
      Mise à jour de sécurité pour Windows XP (KB919007)
      Mise à jour de sécurité pour Windows XP (KB920213)
      Mise à jour de sécurité pour Windows XP (KB920214)
      Mise à jour de sécurité pour Windows XP (KB920670)
      Mise à jour de sécurité pour Windows XP (KB920683)
      Mise à jour de sécurité pour Windows XP (KB920685)
      Mise à jour de sécurité pour Windows XP (KB921398)
      Mise à jour de sécurité pour Windows XP (KB921883)
      Mise à jour de sécurité pour Windows XP (KB922616)
      Mise à jour de sécurité pour Windows XP (KB922819)
      Mise à jour de sécurité pour Windows XP (KB923191)
      Mise à jour de sécurité pour Windows XP (KB923414)
      Mise à jour de sécurité pour Windows XP (KB923689)
      Mise à jour de sécurité pour Windows XP (KB923694)
      Mise à jour de sécurité pour Windows XP (KB923980)
      Mise à jour de sécurité pour Windows XP (KB924191)
      Mise à jour de sécurité pour Windows XP (KB924270)
      Mise à jour de sécurité pour Windows XP (KB924667)
      Mise à jour de sécurité pour Windows XP (KB926255)
      Mise à jour de sécurité pour Windows XP (KB926436)
      Mise à jour de sécurité pour Windows XP (KB927779)
      Mise à jour de sécurité pour Windows XP (KB927802)
      Mise à jour de sécurité pour Windows XP (KB928090)
      Mise à jour de sécurité pour Windows XP (KB928255)
      Mise à jour de sécurité pour Windows XP (KB928843)
      Mise à jour de sécurité pour Windows XP (KB929969)
      Mise à jour pour Windows XP (KB894391)
      Mise à jour pour Windows XP (KB898461)
      Mise à jour pour Windows XP (KB900485)
      Mise à jour pour Windows XP (KB908531)
      Mise à jour pour Windows XP (KB910437)
      Mise à jour pour Windows XP (KB911280)
      Mise à jour pour Windows XP (KB916595)
      Mise à jour pour Windows XP (KB920872)
      Mise à jour pour Windows XP (KB922582)
      Mise à jour pour Windows XP (KB929338)
      Sonic RecordNow!
      VideoLAN VLC media player 0.8.6
      Windows Installer 3.1 (KB893803)
      Windows Media Format Runtime
      0
      1. Utilisateur anonyme > bleu en informatique
         
        Merci.
        ok, pour le logiciel, il avait un nom bizarre c'est pour ça (*_*)

        Désinstalle :

        - J2SE Runtime Environment 5.0 Update 4


        ¤ Mets à jour Java :

        - Clic sur démarrer, panneau de configuration, en haut à gauche, tu choisis "basculer vers l'affichage classique"
        - Tu doubles clic sur l'icône "Java".
        - Clic sur l'onglet "mise à jour" puis "mise à jour maintenant" et télécharge la dernière version qu'il te trouvera.


        ¤ Pas de pare-feu logiciel c'est volontaire ?

        Puis dis moi ou en est ton problème ;-)
        0
      2. bleu en informatique > Utilisateur anonyme
         
        J'ai désinstallé J2SE 5.0 update 4 et fait la mise à jour (update 10).

        En ce qui concerne le pare feu logiciel, comme le poste n'est pas à moi, je ne peux pas l'installer.

        Merci pour ton aide, les pages pubs ne s'affichent plus. Je croise les doigts mais il me semble que le problème est résolu.

        Si t'as d'autres conseils à me donner, n'hésite pas!
        0
      3. Utilisateur anonyme > bleu en informatique
         
        ok, très bien !
        Parcontre

        "J'ai désinstallé J2SE 5.0 update 4 et fait la mise à jour (update 10)."

        nous sommes a la 11 ;-)

        A++
        0
  7. Drine
     
    Bonjour, j'ai moi aussi des pubs qui s'ouvrent toutes seules, voilà ce que m'a dit Hijack

    Logfile of HijackThis v1.99.1
    Scan saved at 08:44:44, on 20/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
    C:\Program Files\G DATA InternetSecurity\Firewall\GDFirewallTray.exe
    C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe
    C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
    C:\Program Files\G DATA InternetSecurity\Firewall\GDFwSvc.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\internet explorer 2\IEXPLORE.EXE
    C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA InternetSecurity\Webfilter\AvkWebIE.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA InternetSecurity\Webfilter\AvkWebIE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
    O4 - Global Startup: G DATA Firewall Tray.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5731DEFC-F35E-40A1-AC3C-06EF9C9273DB}: NameServer = 84.103.237.140 86.64.145.140
    O23 - Service: AVKProxy - G DATA Software AG - C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
    O23 - Service: AVK Service (AVKService) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe
    O23 - Service: Gardien d'AVK (AVKWCtl) - Unknown owner - C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe
    O23 - Service: G DATA Personal Firewall (GDFwSvc) - Unknown owner - C:\Program Files\G DATA InternetSecurity\Firewall\GDFwSvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    0
    1. Utilisateur anonyme
       
      Salut

      Crée ton propre post ! et merci c'est gratuit.
      0
  8. david
     
    Bonjour
    J'ai le meme probleme avec un site qui s'appelle rondstartour ou un truc dans le genre.
    Je vous donne mon rapport hijack

    Logfile of HijackThis v1.99.1
    Scan saved at 17:43:28, on 12.03.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
    C:\PROGRA~1\CA\ETRUST~1\realmon.exe
    C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
    C:\WINDOWS\system32\icpldrvx.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\windows\kernel.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\msnmsgr2.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Messenger\msmsgs.exe
    D:\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [Avg Antivirus] C:\WINDOWS\system32\icpldrvx.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Ajuda do Windows] C:\WINDOWS\winhlp.exe
    O4 - HKCU\..\Run: [Logon de rede] C:\windows\kernel.exe
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
    O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
    O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101941672015
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4EAE9BB9-12F3-4325-994C-3E84107A9FEE}: NameServer = 192.168.1.1
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    0
  9. david
     
    Je vous remerci si vous pouvez m'aider
    0
  10. leconverti
     
    Bonjour à tous et merci d'aider les gens pour ce genre de soucis c'est super sympa. J'ai un probleme similaire et j'aimerais savoir si je suis au bon endroit pour obtenir de l'aide pour mon propre cas?
    J'ai bien essayer pendant deux jours en regardant different site mais mon souci persiste.

    Voila j'ai des pages internet qui s'ouvre environ tout les 1/4 d'heure environs et ce quoi que je fasse. que je joue, regarde un film ou bien surf sur le net.
    Si c'est possible d'obtenir de l'aide par quoi dois-je commencer, s'il vous plait?
    Merci d'avance et veuillez accepter mes excuses si je me suis tromper de sujet.Prévenez moi si celui si est déplacé.

    Cordialement, Jéjé =)
    0
  11. lamy
     
    j'ai des pages qui s'ouvrent toutes seules mais j'ai rien compri ds tt cela ..svp pouvez vs etre plus claires en simplifiants les choses ...merci
    0
    1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
       
      Bonjour,

      CREER SON PROPRE TOPIK

      Il serait préférable que tu crées ton propre « topik » message personnel. Cela rendra le poste (ici) plus compréhensible, et nous pourrons traiter ton soucis avec plus d’efficacité.
      Donc
      Fais ce qui suit, SVP
      http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm
      Merci
      A++
      http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm

      A++


      -2
  12. psykoak13 Messages postés 3 Date d'inscription   Statut Membre
     
    slt a tous g un gros prob d que je v sur le net des page et d pube souvre tou seul g un virus que je narive pas a suprimer HELP MI svp
    0
  13. kalail 33 Messages postés 6 Statut Membre
     
    je suis nouveaux sur le forum meme probleme sa fais 2 semaines
    0