SOS VIRUS Win32/Malum.AJRY Résolu

Question

SALUT TOUTS LE MONDE MON ZONE ALARM SECURITY SUITE A TROUVER Win32/Malum.AJRY ET IL M'AS DIS IL PEUT PAS METTRE EN QUARANTAINE NI LE SUPPRIMER J'AI BESOIN DE VOTRE AIDE J'AI WINDOWS ME ET MERCI POUR VOTRE AIDE

green day · Answer

Salut

 faut pas crier comme ça :)

 où est ce qu'il te le détecte ???

++

Blondin · Answer

Bonjour, 
GROS GROS souci avec ma bécane, je n arrive pas à me débarrasser d un virus qui se nommerai apparement " virtumonde " .
je n arrete pas de me battre avec lui avec diverses antivirus/spyware...en vain il revient tjrs a la charge et il m'emmerde grave !

green day · Answer

Salut

 Télécharge ceci : 

Lien : hijackthis

Démo : http://pageperso.aol.fr/balltrap34/demohijack.htm 

Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum. 

++

blondin · Answer

salut!                                           (merci pour la réponse)
voici le resultat de hijackthis:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:36:43, on 10/10/2007
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system\NOTEPAD.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iRiver\iHP100\iHPDetect.exe
C:\Program Files\iTouch\iTouch.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Documents and Settings\ioio\Mes documents\blondinmine\antivirus\Nouveau dossier (2)\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDaemOVu3Ev6eNKNBG3FrQsw8/filFnkk6dh7kHIiffHCkjm7/FsvfOfrERA/X2VWxbIT+h5ArBQcngwyOUSFtPFOobvuLrvPzHB4JRZqtlN3bZq2M9EorOAGpzRUydCUV9KXZ+HKNd+bS+ELbwgCxh6aoaIRyMrjGCAL55ecEvX4pzhrgRLUC4O/LhRZgqS3VBM0jBCHP8tc=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HGTXPEI] C:\WINDOWS\System32\FirstReboot.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 hercplgs.cpl,BootEntryPoint
O4 - HKLM\..\Run: [CloneCDTray] C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [iHP-100] C:\Program Files\iRiver\iHP100\iHPDetect.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\iTouch\iTouch.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [vxbiebdbge] C:\WINDOWS\System32\vxbiebdbge.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\vwxrfupk.dll",sitypnow
O4 - HKLM\..\RunServices: [vxbiebdbge] C:\WINDOWS\System32\vxbiebdbge.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?da8db32b0ef84bc29f855973d52d36de
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?da8db32b0ef84bc29f855973d52d36de
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/045821d475dec391cf22/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20030625/qtinstall.info.apple.com/abarth/fr/win/QuickTimeInstaller.exe
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/activeX/SpeedUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{12A2BD94-3BAE-4588-A4E5-AD6D44F07B72}: NameServer = 80.10.246.1 80.10.246.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{12A2BD94-3BAE-4588-A4E5-AD6D44F07B72}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bw+0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Print Spooler Service (eeogaeo3os2ipa) - Unknown owner - C:\WINDOWS\System32\vxbiebdbge.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NOTEPAD - Unknown owner - C:\WINDOWS\system\NOTEPAD.exe

green day · Answer

Salut

ok, fais un clic droit sur hijackthis.exe < renommer <  puis nomme le CCM.exe

 et poste un nouveau rapport stp

++

blondin · Answer

Re...,
ok, j'ai bien renommé hijackthis.exe en CCM.exe....je te renvoie le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:59:59, on 10/10/2007
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system\NOTEPAD.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iRiver\iHP100\iHPDetect.exe
C:\Program Files\iTouch\iTouch.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Documents and Settings\ioio\Mes documents\blondinmine\antivirus\Nouveau dossier (2)\CCM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDaemOVu3Ev6eNKNBG3FrQsw8/filFnkk6dh7kHIiffHCkjm7/FsvfOfrERA/X2VWxbIT+h5ArBQcngwyOUSFtPFOobvuLrvPzHB4JRZqtlN3bZq2M9EorOAGpzRUydCUV9KXZ+HKNd+bS+ELbwgCxh6aoaIRyMrjGCAL55ecEvX4pzhrgRLUC4O/LhRZgqS3VBM0jBCHP8tc=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WINDOWS\System32\hpfvbune.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9370EFDE-C0DA-42C9-B609-41C87B462011} - C:\WINDOWS\system32\opnlkjj.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {D24EB4FC-7833-43E3-B0CC-EDF780BA95D4} - C:\WINDOWS\System32\opnnl.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HGTXPEI] C:\WINDOWS\System32\FirstReboot.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 hercplgs.cpl,BootEntryPoint
O4 - HKLM\..\Run: [CloneCDTray] C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [iHP-100] C:\Program Files\iRiver\iHP100\iHPDetect.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\iTouch\iTouch.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [vxbiebdbge] C:\WINDOWS\System32\vxbiebdbge.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\vwxrfupk.dll",sitypnow
O4 - HKLM\..\RunServices: [vxbiebdbge] C:\WINDOWS\System32\vxbiebdbge.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?da8db32b0ef84bc29f855973d52d36de
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?da8db32b0ef84bc29f855973d52d36de
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/045821d475dec391cf22/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20030625/qtinstall.info.apple.com/abarth/fr/win/QuickTimeInstaller.exe
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/activeX/SpeedUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{12A2BD94-3BAE-4588-A4E5-AD6D44F07B72}: NameServer = 80.10.246.1 80.10.246.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{12A2BD94-3BAE-4588-A4E5-AD6D44F07B72}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bw+0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: opnlkjj - C:\WINDOWS\SYSTEM32\opnlkjj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Print Spooler Service (eeogaeo3os2ipa) - Unknown owner - C:\WINDOWS\System32\vxbiebdbge.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NOTEPAD - Unknown owner - C:\WINDOWS\system\NOTEPAD.exe

green day · Answer

Salit

ok,

Télécharger Vundofix.exe (par Atribune) sur votre Bureau : 


    * Double-cliquer sur VundoFix.exe afin de le lancer.
    * Cliquer sur le bouton Scan for Vundo.
    * Lorsque le scan est complété, cliquer sur le bouton Remove Vundo.
    * Une invite de commande demandera si l’on souhaite supprimer les fichiers, cliquer sur YES
    * Après avoir cliqué "YES", le Bureau disparaîtra un moment lors de la suppression des fichiers.
    * Une nouvelle invite de commende annoncera que le PC devra s'éteindre ("shutdown"). Cliquer sur OK , puis laisser le redémarrer.
    * Le contenu du rapport est situé dans C:\vundofix.txt, poste le stp

++

blondin · Answer

Hello green day,
désolé pour le temps que j'mets à ta répondre....je fais ça pendant mes quelques moments de libre,

voici le rapport de vundofix :




VundoFix V6.5.10

Checking Java version...

Sun Java not detected
Scan started at 19:07:21 17/10/2007

Listing files found while scanning....

C:\windows\system32\awtqqro.dll
C:\windows\system32\awtqroo.dll
C:\windows\system32\awtuspm.dll
C:\windows\system32\cbxvusq.dll
C:\windows\system32\efcdddc.dll
C:\windows\system32\fccabba.dll
C:\windows\system32\fccayxu.dll
C:\windows\system32\gebxvvs.dll
C:\windows\system32\hggefgd.dll
C:\windows\system32\hggghfg.dll
C:\windows\system32\hgghebx.dll
C:\WINDOWS\System32\hpfvbune.dll
C:\windows\system32\iifdaxx.dll
C:\windows\system32\khfeddb.dll
C:\windows\system32\ljjjihg.dll
C:\windows\system32\lnnpo.bak1
C:\windows\system32\lnnpo.bak2
C:\windows\system32\lnnpo.ini
C:\windows\system32\mljgecd.dll
C:\windows\system32\mljiihf.dll
C:\windows\system32
fputduw.ini
C:\windows\system32
nnkife.dll
C:\WINDOWS\system32\opnlkjj.dll
C:\windows\system32\opnnl.dll
C:\windows\system32\pmnlifd.dll
C:\windows\system32qropoo.dll
C:\windows\system32	uvstrr.dll
C:\windows\system32\vtusqol.dll
C:\WINDOWS\System32\wudtupfn.dll
C:\windows\system32\wvuronn.dll
C:\windows\system32\wvuttrs.dll

Beginning removal...

 Attempting to delete C:\windows\system32\awtqqro.dll
C:\windows\system32\awtqqro.dll Has been deleted!

 Attempting to delete C:\windows\system32\awtqroo.dll
C:\windows\system32\awtqroo.dll Has been deleted!

 Attempting to delete C:\windows\system32\awtuspm.dll
C:\windows\system32\awtuspm.dll Has been deleted!

 Attempting to delete C:\windows\system32\cbxvusq.dll
C:\windows\system32\cbxvusq.dll Has been deleted!

 Attempting to delete C:\windows\system32\efcdddc.dll
C:\windows\system32\efcdddc.dll Has been deleted!

 Attempting to delete C:\windows\system32\fccabba.dll
C:\windows\system32\fccabba.dll Has been deleted!

 Attempting to delete C:\windows\system32\fccayxu.dll
C:\windows\system32\fccayxu.dll Has been deleted!

 Attempting to delete C:\windows\system32\gebxvvs.dll
C:\windows\system32\gebxvvs.dll Has been deleted!

 Attempting to delete C:\windows\system32\hggefgd.dll
C:\windows\system32\hggefgd.dll Has been deleted!

 Attempting to delete C:\windows\system32\hggghfg.dll
C:\windows\system32\hggghfg.dll Has been deleted!

 Attempting to delete C:\windows\system32\hgghebx.dll
C:\windows\system32\hgghebx.dll Has been deleted!

 Attempting to delete C:\WINDOWS\System32\hpfvbune.dll
C:\WINDOWS\System32\hpfvbune.dll Has been deleted!

 Attempting to delete C:\windows\system32\iifdaxx.dll
C:\windows\system32\iifdaxx.dll Has been deleted!

 Attempting to delete C:\windows\system32\khfeddb.dll
C:\windows\system32\khfeddb.dll Has been deleted!

 Attempting to delete C:\windows\system32\ljjjihg.dll
C:\windows\system32\ljjjihg.dll Has been deleted!

 Attempting to delete C:\windows\system32\lnnpo.bak1
C:\windows\system32\lnnpo.bak1 Has been deleted!

 Attempting to delete C:\windows\system32\lnnpo.bak2
C:\windows\system32\lnnpo.bak2 Has been deleted!

 Attempting to delete C:\windows\system32\lnnpo.ini
C:\windows\system32\lnnpo.ini Has been deleted!

 Attempting to delete C:\windows\system32\mljgecd.dll
C:\windows\system32\mljgecd.dll Has been deleted!

 Attempting to delete C:\windows\system32\mljiihf.dll
C:\windows\system32\mljiihf.dll Has been deleted!

 Attempting to delete C:\windows\system32
fputduw.ini
C:\windows\system32
fputduw.ini Has been deleted!

 Attempting to delete C:\windows\system32
nnkife.dll
C:\windows\system32
nnkife.dll Has been deleted!

 Attempting to delete C:\WINDOWS\system32\opnlkjj.dll
C:\WINDOWS\system32\opnlkjj.dll Could not be deleted.

 Attempting to delete C:\windows\system32\opnnl.dll
C:\windows\system32\opnnl.dll Has been deleted!

 Attempting to delete C:\windows\system32\pmnlifd.dll
C:\windows\system32\pmnlifd.dll Has been deleted!

 Attempting to delete C:\windows\system32qropoo.dll
C:\windows\system32qropoo.dll Has been deleted!

 Attempting to delete C:\windows\system32	uvstrr.dll
C:\windows\system32	uvstrr.dll Has been deleted!

 Attempting to delete C:\windows\system32\vtusqol.dll
C:\windows\system32\vtusqol.dll Has been deleted!

 Attempting to delete C:\WINDOWS\System32\wudtupfn.dll
C:\WINDOWS\System32\wudtupfn.dll Has been deleted!

 Attempting to delete C:\windows\system32\wvuronn.dll
C:\windows\system32\wvuronn.dll Has been deleted!

 Attempting to delete C:\windows\system32\wvuttrs.dll
C:\windows\system32\wvuttrs.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

 Attempting to delete C:\WINDOWS\system32\opnlkjj.dll
C:\WINDOWS\system32\opnlkjj.dll Has been deleted!

Performing Repairs to the registry.
Done!








                                                                                             Merci encore !

green day · Answer

Salut

ok,

Télécharger ComboFix (par sUBs) sur le Bureau : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    * Démarrer en mode sans echec
    * Double cliquer combofix.exe.
    * Appuyer sur la touche Y (Yes) pour démarrer le scan
    * Le rapport sera crée dans: C:\Combofix.txt, poste le stp

++

Blondin · Answer

SALUX ! Aaahhh...ça fait du bien, ma bécane commence à respirer mieux voila le rapport de combofix merci ComboFix 07-10-18.6 - ioio 2007-10-18 20:21:07.1 - NTFSx86 MINIMAL Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.294 [GMT 2:00] Running from: C:\Documents and Settings\ioio\Bureau\combofix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\check_LSA7.txt C:\Documents and Settings\All Users\Application Data.\salesmonitor C:\Documents and Settings\All Users\Application Data\Starware354 C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindIt.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindIt.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindItHot.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindItHot.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons\findithotxp.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons\findithotxp.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons\finditxp.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons\finditxp.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons\Highlight.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons\Highlight.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons\HighlightHot.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons\HighlightHot.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlighthotxp.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlighthotxp.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlightxp.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlightxp.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons ecipes.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons ecipes.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons ecipes.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons ecipes.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons ecipes_foreign_feed.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons ecipes_foreign_feed.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons ecipes_foreign_feed.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons ecipes_foreign_feed.png C:\Documents and Settings\All Users\Application Data\Starware354\buttons\starware_toolbar_icon.bmp C:\Documents and Settings\All Users\Application Data\Starware354\buttons\starware_toolbar_icon.bmp C:\Documents and Settings\All Users\Application Data\Starware354\contexts\error.xml C:\Documents and Settings\All Users\Application Data\Starware354\contexts\error.xml C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Related.xml C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Related.xml C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Travel.xml C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Travel.xml C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml.backup C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml.backup C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml.backup C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml.backup C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml.backup C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml.backup C:\Documents and Settings\ioio\Application Data\DriveCleaner Free C:\Documents and Settings\ioio\Application Data\DriveCleaner Free\Logs\update.log C:\Documents and Settings\ioio\Application Data\DriveCleaner Free\Logs\update.log C:\Documents and Settings\ioio\Application Data\Starware354 C:\Documents and Settings\ioio\Application Data\Starware354\BrowserSearch\BrowserSearch.xml C:\Documents and Settings\ioio\Application Data\Starware354\BrowserSearch\BrowserSearch.xml C:\Documents and Settings\ioio\Application Data\Starware354\BrowserSearch\BrowserSearch.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\BrowserSearch\BrowserSearch.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Configurator\Configurator.xml C:\Documents and Settings\ioio\Application Data\Starware354\Configurator\Configurator.xml C:\Documents and Settings\ioio\Application Data\Starware354\Configurator\Configurator.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Configurator\Configurator.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Games\GamesOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Games\GamesOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Games\GamesOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Games\GamesOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Games\images\active\Games0.bmp C:\Documents and Settings\ioio\Application Data\Starware354\Games\images\active\Games0.bmp C:\Documents and Settings\ioio\Application Data\Starware354\Layouts\ToolbarLayout.xml C:\Documents and Settings\ioio\Application Data\Starware354\Layouts\ToolbarLayout.xml C:\Documents and Settings\ioio\Application Data\Starware354\Layouts\ToolbarLayout.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Layouts\ToolbarLayout.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Manager\ManagerOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Manager\ManagerOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Manager\ManagerOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Manager\ManagerOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Movies\images\active\Movies0.bmp C:\Documents and Settings\ioio\Application Data\Starware354\Movies\images\active\Movies0.bmp C:\Documents and Settings\ioio\Application Data\Starware354\Movies\MoviesOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Movies\MoviesOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Movies\MoviesOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Movies\MoviesOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp C:\Documents and Settings\ioio\Application Data\Starware354\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp C:\Documents and Settings\ioio\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Toolbar\TBProductsOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Toolbar\TBProductsOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\Toolbar\TBProductsOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\Toolbar\TBProductsOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml C:\Documents and Settings\ioio\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml.backup C:\Documents and Settings\ioio\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml.backup C:\Documents and Settings\ioio\err.log C:\Documents and Settings\ioio\ResErrors.log C:\WINDOWS\cookies.ini C:\WINDOWS\system32\stera.log . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_FOPN -------\LEGACY_VSPF -------\LEGACY_VSPF_HK ((((((((((((((((((((((((((((( Fichiers créés 2007-09-18 to 2007-10-18 )))))))))))))))))))))))))))))))))))) . 2007-10-18 20:19 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-17 19:07 d-------- C:\VundoFix Backups 2007-10-15 19:47 d-------- C:\Documents and Settings\ioio\Bluetooth Software 2007-10-15 19:42 19,456 --a------ C:\WINDOWS\system32\hidserv.dll 2007-10-15 19:42 19,456 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll 2007-10-15 19:41 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys 2007-10-15 19:41 135,040 --a--c--- C:\WINDOWS\system32\dllcache\portcls.sys 2007-10-15 19:41 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-10-15 19:41 57,344 --a--c--- C:\WINDOWS\system32\dllcache\drmk.sys 2007-10-15 19:40 14,080 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys 2007-10-15 19:40 14,080 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys 2007-10-15 19:39 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2007-10-15 19:39 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys 2007-10-15 19:33 d-------- C:\Program Files\D-Link 2007-10-09 17:01 d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-10-08 14:22 d-------- C:\Program Files\Lavasoft 2007-10-03 04:38 77,824 -ra------ C:\WINDOWS\system32\btw_ci.dll 2007-09-28 22:01 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-09-28 20:08 d-------- C:\Documents and Settings\ioio\Application Data\Grisoft 2007-09-28 20:08 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-09-28 20:08 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-26 09:34 27,535 --a------ C:\WINDOWS\IMG-9595.zip 2007-09-26 08:53 27,535 --a------ C:\WINDOWS\IMG-6333.zip 2007-09-26 08:53 27,535 --a------ C:\WINDOWS\IMG-4897.zip 2007-09-26 08:21 27,535 --a------ C:\WINDOWS\IMG-9866.zip 2007-09-26 08:21 27,535 --a------ C:\WINDOWS\IMG-6079.zip 2007-09-23 21:36 27,535 --a------ C:\WINDOWS\IMG-0209.zip 2007-09-23 19:29 694,161 ---hs---- C:\WINDOWS\system32 fivuydw.ini2 2007-09-23 18:18 27,535 --a------ C:\WINDOWS\IMG-6342.zip 2007-09-23 18:17 27,535 --a------ C:\WINDOWS\IMG-2764.zip 2007-09-23 17:51 27,535 --a------ C:\WINDOWS\IMG-5220.zip 2007-09-23 17:51 27,535 --a------ C:\WINDOWS\IMG-3475.zip 2007-09-22 19:15 27,535 --a------ C:\WINDOWS\IMG-8754.zip 2007-09-22 19:15 27,535 --a------ C:\WINDOWS\IMG-3437.zip 2007-09-22 17:53 27,535 --a------ C:\WINDOWS\IMG-9353.zip 2007-09-22 17:53 27,535 --a------ C:\WINDOWS\IMG-5994.zip 2007-09-22 06:38 27,535 --a------ C:\WINDOWS\IMG-9076.zip 2007-09-22 06:38 27,535 --a------ C:\WINDOWS\IMG-0137.zip 2007-09-20 14:54 27,535 --a------ C:\WINDOWS\IMG-0755.zip 2007-09-20 14:53 27,535 --a------ C:\WINDOWS\IMG-5846.zip 2007-09-20 14:41 27,535 --a------ C:\WINDOWS\IMG-1808.zip 2007-09-20 14:41 27,535 --a------ C:\WINDOWS\IMG-0168.zip 2007-09-20 14:21 27,535 --a------ C:\WINDOWS\IMG-4273.zip 2007-09-20 14:20 27,535 --a------ C:\WINDOWS\IMG-3503.zip 2007-09-19 10:21 27,535 --a------ C:\WINDOWS\IMG-9373.zip 2007-09-19 10:21 27,535 --a------ C:\WINDOWS\IMG-0471.zip 2007-09-18 23:29 d-------- C:\Documents and Settings\ioio\Application Data\Lavasoft 2007-09-18 23:27 d-------- C:\Plugins 2007-09-18 23:27 d-------- C:\Lang 2007-09-18 23:17 27,535 --a------ C:\WINDOWS\IMG-8242.zip 2007-09-18 23:17 27,535 --a------ C:\WINDOWS\IMG-7390.zip 2007-09-18 23:10 27,535 --a------ C:\WINDOWS\IMG-6745.zip 2007-09-18 23:10 27,535 --a------ C:\WINDOWS\IMG-0249.zip 2007-09-18 13:37 27,535 --a------ C:\WINDOWS\IMG-9369.zip 2007-09-18 13:37 27,535 --a------ C:\WINDOWS\IMG-2236.zip . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-18 18:27 --------- d-----w C:\Program Files\Wanadoo 2007-09-13 22:26 --------- d-----w C:\Program Files\MSN Messenger 2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-02-16 09:50 16,760 ----a-w C:\Documents and Settings\ioio\Application Data\GDIPFONTCACHEV1.DAT . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D88E0302-EB24-4B49-9AFC-FCFCF5B2ABF0}] C:\WINDOWS\System32\opnnl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "@"="" [] "HGTXPEI"="C:\WINDOWS\System32\FirstReboot.exe" [2002-06-11 15:34] "SoundFusion"="hercplgs.cpl" [2002-07-25 17:51 C:\WINDOWS\system32\hercplgs.cpl] "CloneCDTray"="C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe" [2001-12-19 13:59] "ElbyCheckElbyCDFL"="C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" [2001-12-06 14:09] "Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-11 05:19] "iHP-100"="C:\Program Files\iRiver\iHP100\iHPDetect.exe" [2003-09-30 17:16] "zBrowser Launcher"="C:\Program Files\iTouch\iTouch.exe" [2003-12-01 12:38] "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49] "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB ealsched.exe" [2006-12-05 00:45] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 19:38] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "@"="" [] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 14:00] "LDM"="C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-09-14 18:44] "WOOKIT"="C:\Program Files\Wanadoo\GestMaj.exe" [2004-10-14 16:55] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegedit"=0 (0x0) "NoFind"=0 (0x0) "NoRun"=0 (0x0) "NoDesktop"=0 (0x0) "NoClose"=0 (0x0) "StartMenuLogOff"=0 (0x0) "HideClock"=0 (0x0) R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\System32\DRIVERS\e4usbaw.sys R3 hercspud;Hercules (R) WDM Audio Driver;C:\WINDOWS\System32\drivers\hercspud.sys R3 hercwdm;Hercules (R) WDM Interface Driver;C:\WINDOWS\System32\drivers\hercwdm.sys S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\System32\Drivers\e4ldr.sys S3 AN983;Carte Fast Ethernet 10/100 Mbps ADMtek AN983/AN985/ADM951X;C:\WINDOWS\System32\DRIVERS\AN983.sys [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{20C9DC6D-3C5B-C519-0508-070707000200}] C:\WINDOWS\System32\viewmsg32.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-10-18 18:10:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job" . ************************************************************************** catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-18 20:26:51 Windows 5.1.2600 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************** . Completion time: 2007-10-18 20:30:01 - machine was rebooted . --- E O F ---

green day · Answer

Salut

ok, poste un nouveau rapport hijackthis stp

++

Blondin77 · Answer

SALUT

voila le nouveau rapport       MeeeeEERCI  :





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:45:28, on 19/10/2007
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iRiver\iHP100\iHPDetect.exe
C:\Program Files\iTouch\iTouch.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\D-Link\Bluetooth Software\BTTray.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system\NOTEPAD.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Documents and Settings\ioio\Mes documents\blondinmine\antivirus\Nouveau dossier (2)\CCM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {D88E0302-EB24-4B49-9AFC-FCFCF5B2ABF0} - C:\WINDOWS\System32\opnnl.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HGTXPEI] C:\WINDOWS\System32\FirstReboot.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 hercplgs.cpl,BootEntryPoint
O4 - HKLM\..\Run: [CloneCDTray] C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [iHP-100] C:\Program Files\iRiver\iHP100\iHPDetect.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\iTouch\iTouch.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\D-Link\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?da8db32b0ef84bc29f855973d52d36de
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?da8db32b0ef84bc29f855973d52d36de
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\D-Link\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\D-Link\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/045821d475dec391cf22/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20030625/qtinstall.info.apple.com/abarth/fr/win/QuickTimeInstaller.exe
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/activeX/SpeedUploader.cab
O18 - Protocol: bw+0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NOTEPAD - Unknown owner - C:\WINDOWS\system\NOTEPAD.exe

green day · Answer

re

ok,

Télécharge BTFix de bibi26 
http://cluster1.easy-hebergement.net/ 
Dézippe l'archive sur ton Bureau (clic droit/extraire…) 
Ouvre le dossier BTFix 
Double clique sur BTFix.exe 
Clique sur Rechercher 
Un rapport va apparaître, copie/colle-le dans ta prochaine réponse 

++

Blondin77 · Answer

RE....,
le rapport de btfix  merci :)     :




BTFix 1.053 (par bibi26) - 19/10/2007 23:40:22 - Analyse

---> Fichiers/Dossiers trouvés

 - C:\Program Files\Need2Find

---> Analyse terminée

green day · Answer

Salut

ok, relance le fixe et choisis l'option nettoyer 

ensuite fais ce qui est indiqué ici stp :

virus methode preliminaire de desinfection version fr

++

Blondin77 · Answer

SALUT !
je t'envoie le rapport AVG :




---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	11:45:04 23/10/2007

 + Résultat de l'analyse:	



C:\Documents and Settings\ioio\Cookies\ioio@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\ioio\Cookies\ioio@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\ioio\Cookies\ioio@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\ioio\Cookies\ioio@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\ioio\Cookies\ioio@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.


Fin du rapport






A bientot !

Blondin77 · Answer

Me revoila, 


l'autre rapport Bitdefender    mercimerci, 



BitDefender Online Scanner
  
  
 
Rapport d'analyse généré à: Tue, Oct 23, 2007 - 12:32:49
 
 
  
  
 
Voie d'analyse: A:\;C:\;D:\;E:\;F:\;
  
  
 
 
  
  
 
Statistiques
 
Temps
 00:40:43
 
Fichiers
 66923
 
Directoires
 2470
 
Secteurs de boot
 3
 
Archives
 1027
 
Paquets programmes
 4107
 
  
  
 
Résultats
 
Virus identifiés
 2
 
Fichiers infectés
 2
 
Fichiers suspects
 0
 
Avertissements
 0
 
Désinfectés
 0
 
Fichiers effacés
 2
 
  
  
 
Info sur les moteurs
 
Définition virus
 857434
 
Version des moteurs
 AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
 
Analyse des plugins
 14
 
Archive des plugins
 38
 
Unpack des plugins
 7
 
E-mail plugins
 6
 
Système plugins
 1
 
  
  
 
Paramètres d'analyse
 
Première action
 Désinfecté
 
Seconde Action
 Supprimé
 
Heuristique
 Oui
 
Acceptez les avertissements
 Oui
 
Extensions analysées
 *;
 
Excludez les extensions
  
 
Analyse d'emails
 Oui
 
Analyse des Archives
 Oui
 
Analyser paquets programmes
 Oui
 
Analyse des fichiers
 Oui
 
Analyse de boot
 Oui
 
  
  
 
  Fichier analysé
  Statut
 
C:\VundoFix Backups\opnnl.dll.bad
 Infecté par: DeepScan:Generic.Virtumod.D6D43A9B
 
C:\VundoFix Backups\opnnl.dll.bad
 Echec de la désinfection
 
C:\VundoFix Backups\opnnl.dll.bad
 Supprimé
 
C:\VundoFix Backups\wudtupfn.dll.bad
 Infecté par: Trojan.Vundo.DNR
 
C:\VundoFix Backups\wudtupfn.dll.bad
 Echec de la désinfection
 
C:\VundoFix Backups\wudtupfn.dll.bad
 Supprimé

green day · Answer

Salut ;-)

 ok, où en est la situation ??

++

Blondin77 · Answer

Et enfin le dernier rapport Hijackthis :     sinon en ce moment mon pc fonctionne comme avant..YESsss !!
                                                                           (...et dire qu'il a failli  passer par la fenêtre !)


Y a t'il encore un risque de rechute ?( :-@) 
																											Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:24:11, on 23/10/2007
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iRiver\iHP100\iHPDetect.exe
C:\Program Files\iTouch\iTouch.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\D-Link\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system\NOTEPAD.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {D88E0302-EB24-4B49-9AFC-FCFCF5B2ABF0} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HGTXPEI] C:\WINDOWS\System32\FirstReboot.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 hercplgs.cpl,BootEntryPoint
O4 - HKLM\..\Run: [CloneCDTray] C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [iHP-100] C:\Program Files\iRiver\iHP100\iHPDetect.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\iTouch\iTouch.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\D-Link\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?da8db32b0ef84bc29f855973d52d36de
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?da8db32b0ef84bc29f855973d52d36de
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\D-Link\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\D-Link\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/045821d475dec391cf22/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20030625/qtinstall.info.apple.com/abarth/fr/win/QuickTimeInstaller.exe
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/activeX/SpeedUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{12A2BD94-3BAE-4588-A4E5-AD6D44F07B72}: NameServer = 80.10.246.130 81.253.149.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{12A2BD94-3BAE-4588-A4E5-AD6D44F07B72}: NameServer = 80.10.246.130 81.253.149.10
O18 - Protocol: bw+0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NOTEPAD - Unknown owner - C:\WINDOWS\system\NOTEPAD.exe

green day · Answer

Salut

Relance HijackThis : choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked" : 

O2 - BHO: (no name) - {D88E0302-EB24-4B49-9AFC-FCFCF5B2ABF0} - (no file) 

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/045821d475dec391cf22/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/activeX/SpeedUploader.cab


O17 - HKLM\System\CCS\Services\Tcpip\..\{12A2BD94-3BAE-4588-A4E5-AD6D44F07B72}: NameServer = 80.10.246.130 81.253.149.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{12A2BD94-3BAE-4588-A4E5-AD6D44F07B72}: NameServer = 80.10.246.130 81.253.149.10
O18 - Protocol: bw+0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {858ADE23-9360-4B5F-9288-20442802AB50} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 


ensuite, repasse un coup de ccleaner, et installe un parefeu !

@+

;-)

Blondin77 · Answer

Salux,
ça y est, c'est fait,
dois-je comprendre que c'est fini maintenant ?   :-}
Aurais tu un parefeu à me conseiller ou c'est sans importance 

Merci    A plux

green day · Answer

Salut

oui, c'est fini ! :))

pour le parefeu : c'est très important !

 si tu es débutant, je te conseil zone alarme, sinon combo est très bon pour ce qui savent un peu manipuler et configurer les firewall

@+

;-))

Blondin77 · Answer

MILLE  MERCI !!



                       T'ES 1 GENIE !!!


Tchao ma poule !  gros poutous !

green day · Answer

Pas d'quoi ! :))

 à lire à l'occasion : http://www.commentcamarche.net/faq/sujet 2432 securite proteger un ordinateur contre les malwares d internet

@+

;-))

SOS VIRUS Win32/Malum.AJRY

24 réponses

Votre réponse

Discussions similaires

Newsletters