[virus] Win32:Trojan-gen. {UPX!}

Résolu
marie-p Messages postés 69 Statut Membre -  
philae83 Messages postés 12854 Statut Contributeur sécurité -
Voilà, ça fait un moment que avast me dit que je suis infectée par Win32:Trojan-gen. {UPX!} mais je n'avais pas encore eu le temps de m'en occuper. Comme je suis vraiment pas douée en informatique, je suppose que mon ordi doit être pas mal infecté. Ce serait vraiment gentil si quelqu'un pouvait m'aider.

Je mets le rapport hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 16:08:51, on 15/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\AdobeR.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
K:\AdobeR.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Microsoft Works\WkDStore.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\marie\Mes documents\mp.villette\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://wanadoofr.oberon-media.com/online2/chainz_2/mjolauncher.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.servicesalacarte.orange.fr/activex/zylomgamesplayer.cab
O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} (PopcapLoader Object) - http://jeuxenligne.orange.fr/orange2.0/OnlineHSS/bejeweled_2/Popcap.cab
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/diner_dash/DinerDash.1.0.0.58.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mahjong_escape_ancient/PTGameLauncher.cab
O18 - Protocol: bw+0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

Merci d'avance pour votre aide
Configuration: Windows XP
Internet Explorer 6.0

15 réponses

  1. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonjour,

    * télécharge AVG Anti-Spyware (ewido)

    https://www.avg.com/en-ww/free-antivirus-download

    * tu l'installes

    * lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

    puis

    Lance AVG Anti-Spyware

    Clique sur le bouton Analyse (de la barre d'outils)

    puis fait dans l'ordre stp. Tu sauvegardes le rapport APRES avoir mis les actions.

    Puis sur l'onglet Paramètres,
    sous : "Comment réagir "clique sur Actions recommandées. Sélectionne Quarantaine.

    Reviens à l'onglet Analyse. Clique sur Analyse complète du système.

    A la fin du scan, choisis l'option 3

    "Appliquer toutes les actions " en bas.

    Clique sur "Enregistrer le rapport".

    Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

    Poste le.
    0
    1. marie-p Messages postés 69 Statut Membre 1
       
      Voici le rapport d'AVG

      ---------------------------------------------------------
      AVG Anti-Spyware - Rapport d'analyse
      ---------------------------------------------------------

      + Créé à: 17:58:47 15/04/2007

      + Résultat de l'analyse:



      C:\WINDOWS\system32\ezPopStub.exe -> Adware.EZula : Nettoyé et sauvegardé (mise en quarantaine).
      HKLM\SOFTWARE\Classes\AppID\{9DA1990B-9BCA-4c80-AEFB-11A40FA849F9} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP956\A0255567.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP968\A0256948.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP970\A0257157.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP973\A0257278.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP976\A0257509.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP979\A0257741.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP979\A0257742.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP979\A0257743.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP984\A0258089.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258938.EXE -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258939.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258940.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258941.EXE -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258942.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258943.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258944.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258945.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258946.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258947.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258948.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258950.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP993\A0258951.exe -> Downloader.Agent.awf : Nettoyé et sauvegardé (mise en quarantaine).
      C:\Documents and Settings\marie\Cookies\marie@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@axa.addcontrol[1].txt -> TrackingCookie.Addcontrol : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@www.adobe[1].txt -> TrackingCookie.Adobe : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@www.etracker[1].txt -> TrackingCookie.Etracker : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@hit.gemius[2].txt -> TrackingCookie.Gemius : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@real[1].txt -> TrackingCookie.Real : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@realguide.real[1].txt -> TrackingCookie.Real : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
      C:\Documents and Settings\matthieu\Cookies\matthieu@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@c5.zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
      C:\Documents and Settings\marie\Cookies\marie@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.


      Fin du rapport
      0
  2. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    re

    reposte un nouveau rapport hijackthis maintenant stp
    0
  3. marie-p Messages postés 69 Statut Membre 1
     
    Voilà le rapport:

    Logfile of HijackThis v1.99.1
    Scan saved at 18:05:41, on 15/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
    C:\Documents and Settings\marie\Mes documents\mp.villette\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
    O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
    O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://wanadoofr.oberon-media.com/online2/chainz_2/mjolauncher.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.servicesalacarte.orange.fr/activex/zylomgamesplayer.cab
    O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} (PopcapLoader Object) - http://jeuxenligne.orange.fr/orange2.0/OnlineHSS/bejeweled_2/Popcap.cab
    O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
    O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/diner_dash/DinerDash.1.0.0.58.cab
    O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mahjong_escape_ancient/PTGameLauncher.cab
    O18 - Protocol: bw+0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs:
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    0
  4. marie-p Messages postés 69 Statut Membre 1
     
    J'espère que vous allez pouvoir continuer de me donner des instructions pour désinfecter mon ordi
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. marie-p Messages postés 69 Statut Membre 1
     
    J'ai essayé le scan en ligne et la première fois il m'avait trouvé un virus mais j'ai dû arrêter l'analyse en cours et depuis j'ai essayé plusieurs fois mais il ne me trouve plus de virus. Il m'affiche "Aucun virus ou autre logiciel malveillant n'a été détecté !". Je ne sais pas d'uù ça vient car j'ai bien arrêté avast à chaque fois
    0
  7. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    pourquoi as tu arrêté le scan ? peut être avait il nettoyé.

    essaye d'en faire un autre ici
    https://www.bitdefender.fr/
    et copie colle le résultat ici
    * En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
    * Dans la nouvelle fenêtre, clique sur I agree
    * La fenêtre change encore, clique sur Click here to scan
    * Les signatures se chargent, etc.

    tuto en image

    http://pageperso.aol.fr/rginformatique/mapage/defender.htm

    0
  8. marie-p Messages postés 69 Statut Membre 1
     
    J'avais arrété le premier scan parce que je n'avais pas le temps pour le laisser se terminer.
    J'ai fait2 scans avec bitdefender et Voilà ce qu'il reste après le 2ème scan
    BitDefender Online Scanner

    Rapport d'analyse généré à: Thu, Apr 19, 2007 - 14:00:35

    Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;

    Statistiques

    Temps
    02:04:24

    Fichiers
    765746

    Directoires
    9615

    Secteurs de boot
    3

    Archives
    18285

    Paquets programmes
    61083

    Résultats

    Virus identifiés
    1

    Fichiers infectés
    1

    Fichiers suspects
    0

    Avertissements
    0

    Désinfectés
    0

    Fichiers effacés
    0

    Info sur les moteurs

    Définition virus
    486759

    Version des moteurs
    AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

    Analyse des plugins
    14

    Archive des plugins
    38

    Unpack des plugins
    6

    E-mail plugins
    6

    Système plugins
    1

    Paramètres d'analyse

    Première action
    Désinfecté

    Seconde Action
    Supprimé

    Heuristique
    Oui

    Acceptez les avertissements
    Oui

    Extensions analysées
    *;

    Excludez les extensions

    Analyse d'emails
    Oui

    Analyse des Archives
    Oui

    Analyser paquets programmes
    Oui

    Analyse des fichiers
    Oui

    Analyse de boot
    Oui

    Fichier analysé
    Statut

    C:\WINDOWS\AdobeR.exe
    Infecté par: Worm.RJump.K

    C:\WINDOWS\AdobeR.exe
    Echec de la désinfection

    C:\WINDOWS\AdobeR.exe
    Echec de la suppression
    0
  9. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonjour,

    effectivement tu vas faire ce qui est préconisé dans ce lien

    http://www.malekal.com/Worm.Win32.RJump.a.php
    0
  10. marie-p Messages postés 69 Statut Membre 1
     
    J'ai fait tout ce qui était sur le lien et demain je retente un scan en ligne avec bitdefender. J'espère que tout sera réglé. Merci pour ton aide
    0
  11. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    re
    ok, on verra donc demain maintenant.
    Bonne soirée
    0
  12. marie-p Messages postés 69 Statut Membre 1
     
    Voila le dernier scan

    BitDefender Online Scanner

    Rapport d'analyse généré à: Fri, Apr 20, 2007 - 21:53:48

    Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;

    Statistiques

    Temps
    02:04:16

    Fichiers
    708461

    Directoires
    9459

    Secteurs de boot
    3

    Archives
    17136

    Paquets programmes
    58741

    Résultats

    Virus identifiés
    1

    Fichiers infectés
    1

    Fichiers suspects
    0

    Avertissements
    0

    Désinfectés
    0

    Fichiers effacés
    1

    Info sur les moteurs

    Définition virus
    487090

    Version des moteurs
    AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

    Analyse des plugins
    14

    Archive des plugins
    38

    Unpack des plugins
    6

    E-mail plugins
    6

    Système plugins
    1

    Paramètres d'analyse

    Première action
    Désinfecté

    Seconde Action
    Supprimé

    Heuristique
    Oui

    Acceptez les avertissements
    Oui

    Extensions analysées
    *;

    Excludez les extensions

    Analyse d'emails
    Oui

    Analyse des Archives
    Oui

    Analyser paquets programmes
    Oui

    Analyse des fichiers
    Oui

    Analyse de boot
    Oui

    Fichier analysé
    Statut

    C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP997\A0292607.exe
    Infecté par: Worm.RJump.K

    C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP997\A0292607.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{A6B224D0-A415-4BA9-8115-B5AA59C9F2C7}\RP997\A0292607.exe
    Supprimé
    0
  13. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    visiblement il n'y a plus de soucis.
    encore des problèmes ou non ?
    0
  14. marie-p Messages postés 69 Statut Membre 1
     
    Tout a l'air OK.

    Merci beaucoup pour ton aide efficace.
    0
  15. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    re
    parfait

    maintenant pour finir :

    * Tu peux supprimer tous les logiciels que nous avons utilisés

    * démarrer-----------panneau de configuration------------système----------
    onglet Restauration système-----------coche la case (Désactiver la restauration système)--------------
    redémarre l'ordinateur
    réactive la ensuite

    * Pour améliorer la sécurité de ton PC prend quelques instants pour lire

    CECI

    * Dénonce ton infection pour faire condamner les auteurs.
    Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être les plus nombreux possibles, alors rends compte de ton infection :

    - Voir les règles du forum : https://malwarecomplaints.info/
    - Après t'être enregistré à l'aide du bouton en haut se nommant "Register"
    Si tu as plus de 13 ans, choisir : "I Agree to these terms and am over or exactly 13 years of age"
    Si tu as moins, clique sur : "I Agree to these terms and am under 13 years of age"

    Tu as alors sous forme de liste un sujet par type d'infection (Look2Me, Smitfraud, SpywareQuake etc..).
    La tienne = ******

    ---> https://malwarecomplaints.info/

    Si le malware que tu as eu n'apparaît pas dans la liste, ou si tu ne sais pas par quoi tu étais infecté(e), crée un message dans le sujet Autres infections
    conforme au règle du forum (age, ville, département etc..)

    Indique aussi le nom du Forum qui t'a aidé, <grad>CommentCaMarche</gras>

    * met ton sujet en RESOLU stp, merci.

    0