Virus Trojan.Virtumod.ALW
Solved/Closed
Cronor (Posts: 54, Registered: Wednesday 18 April 2007, Status: Member, Last activity: 6 June 2007) - 16 May 2007 at 20:01
Darkkiller (Posts: 2330, Registered: Thursday 8 March 2007, Status: Contributor, Last activity: 26 June 2009) - 7 Nov. 2007 at 02:44
51 replies
Cronor
17 May 2007 at 11:57
A small piece of information: since I deleted files with Vundofix, I get a message that appears every time my computer starts :s :
Erreur de chargement de C:/ Windows/ststem32/saoqdhru.dll
Le module spécifié est introuvable.
Here are the reports:
[05/17/2007, 11:48:33] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Clément\Local Settings\Temporary Internet Files\Content.IE5\K1Q3AYF8\VirtumundoBeGone[1].exe" )
[05/17/2007, 11:48:35] - Detected System Information:
[05/17/2007, 11:48:35] - Windows Version: 5.1.2600, Service Pack 2
[05/17/2007, 11:48:35] - Current Username: Clément (Admin)
[05/17/2007, 11:48:35] - Windows is in NORMAL mode.
[05/17/2007, 11:48:35] - Searching for Browser Helper Objects:
[05/17/2007, 11:48:35] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[05/17/2007, 11:48:35] - BHO 2: {43DE05EB-4F4B-4ED9-BE0D-09F3EA6B3936} ()
[05/17/2007, 11:48:35] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/17/2007, 11:48:35] - Checking for HKLM\...\Winlogon\Notify\hggeccc
[05/17/2007, 11:48:35] - Found: HKLM\...\Winlogon\Notify\hggeccc - This is probably Virtumundo.
[05/17/2007, 11:48:35] - Assigning {43DE05EB-4F4B-4ED9-BE0D-09F3EA6B3936} MSEvents Object
[05/17/2007, 11:48:35] - BHO list has been changed! Starting over...
[05/17/2007, 11:48:35] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[05/17/2007, 11:48:35] - BHO 2: {43DE05EB-4F4B-4ED9-BE0D-09F3EA6B3936} (MSEvents Object)
[05/17/2007, 11:48:35] - ALERT: Found MSEvents Object!
[05/17/2007, 11:48:35] - BHO 3: {55DB983C-BDBF-426f-86F0-187B02DDA39B} ()
[05/17/2007, 11:48:35] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/17/2007, 11:48:35] - Checking for HKLM\...\Winlogon\Notify\kmehxgaj
[05/17/2007, 11:48:35] - Key not found: HKLM\...\Winlogon\Notify\kmehxgaj, continuing.
[05/17/2007, 11:48:35] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[05/17/2007, 11:48:35] - BHO 5: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[05/17/2007, 11:48:35] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/17/2007, 11:48:35] - No filename found. Continuing.
[05/17/2007, 11:48:35] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[05/17/2007, 11:48:35] - BHO 7: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[05/17/2007, 11:48:35] - BHO 8: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
[05/17/2007, 11:48:35] - BHO 9: {F54A13D7-BC9C-4638-8834-DA46D2DD7648} ()
[05/17/2007, 11:48:35] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/17/2007, 11:48:35] - Checking for HKLM\...\Winlogon\Notify\geeba
[05/17/2007, 11:48:35] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[05/17/2007, 11:48:35] - Finished Searching Browser Helper Objects
[05/17/2007, 11:48:35] - *** Detected MSEvents Object
[05/17/2007, 11:48:35] - Trying to remove MSEvents Object...
[05/17/2007, 11:48:36] - Terminating Process: IEXPLORE.EXE
[05/17/2007, 11:48:36] - Terminating Process: RUNDLL32.EXE
[05/17/2007, 11:48:36] - Disabling Automatic Shell Restart
[05/17/2007, 11:48:36] - Terminating Process: EXPLORER.EXE
[05/17/2007, 11:48:37] - Suspending the NT Session Manager System Service
[05/17/2007, 11:48:37] - Terminating Windows NT Logon/Logoff Manager
[05/17/2007, 11:48:37] - Re-enabling Automatic Shell Restart
[05/17/2007, 11:48:37] - File to disable: C:\WINDOWS\system32\hggeccc.dll
[05/17/2007, 11:48:37] - Renaming C:\WINDOWS\system32\hggeccc.dll -> C:\WINDOWS\system32\hggeccc.dll.vir
[05/17/2007, 11:48:38] - ! File rename was unsucessful.
[05/17/2007, 11:48:38] - Attempting to Deny Access to C:\WINDOWS\system32\hggeccc.dll
[05/17/2007, 11:48:38] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[05/17/2007, 11:48:38] - ERROR: Le mappage entre les noms de compte et les ID de sécurité n'a pas été effectué.
[05/17/2007, 11:48:38] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[05/17/2007, 11:48:38] - Removing HKLM\...\Browser Helper Objects\{43DE05EB-4F4B-4ED9-BE0D-09F3EA6B3936}
[05/17/2007, 11:48:38] - Removing HKCR\CLSID\{43DE05EB-4F4B-4ED9-BE0D-09F3EA6B3936}
[05/17/2007, 11:48:38] - Adding Kill Bit for ActiveX for GUID: {43DE05EB-4F4B-4ED9-BE0D-09F3EA6B3936}
[05/17/2007, 11:48:38] - Deleting ATLEvents/MSEvents Registry entries
[05/17/2007, 11:48:38] - Removing HKLM\...\Winlogon\Notify\hggeccc
[05/17/2007, 11:48:38] - Searching for Browser Helper Objects:
[05/17/2007, 11:48:38] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[05/17/2007, 11:48:38] - BHO 2: {55DB983C-BDBF-426f-86F0-187B02DDA39B} ()
[05/17/2007, 11:48:38] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/17/2007, 11:48:38] - Checking for HKLM\...\Winlogon\Notify\kmehxgaj
[05/17/2007, 11:48:38] - Key not found: HKLM\...\Winlogon\Notify\kmehxgaj, continuing.
[05/17/2007, 11:48:38] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[05/17/2007, 11:48:38] - BHO 4: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[05/17/2007, 11:48:38] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/17/2007, 11:48:38] - No filename found. Continuing.
[05/17/2007, 11:48:38] - BHO 5: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[05/17/2007, 11:48:38] - BHO 6: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[05/17/2007, 11:48:38] - BHO 7: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
[05/17/2007, 11:48:38] - BHO 8: {F54A13D7-BC9C-4638-8834-DA46D2DD7648} ()
[05/17/2007, 11:48:38] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/17/2007, 11:48:38] - Checking for HKLM\...\Winlogon\Notify\geeba
[05/17/2007, 11:48:38] - Key not found: HKLM\...\Winlogon\Notify\geeba, continuing.
[05/17/2007, 11:48:38] - Finished Searching Browser Helper Objects
[05/17/2007, 11:48:38] - Finishing up...
[05/17/2007, 11:48:38] - A restart is needed.
[05/17/2007, 11:48:38] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[05/17/2007, 11:48:42] - Attempting to Restart via STOP error (Blue Screen!)
Logfile of HijackThis v1.99.1
Scan saved at 11:57:35, on 17/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\01divers\Indispensable\wlancfg5.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\WINDOWS\system32\kmehxgaj.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {F54A13D7-BC9C-4638-8834-DA46D2DD7648} - C:\WINDOWS\system32\geeba.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S9E.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [WindowsUpdate] rundll32.exe "C:\WINDOWS\system32\saoqdkru.dll",realset
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: NETGEAR WPN311 Wireless Assistant.lnk = C:\Program Files\01divers\Indispensable\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\01divers\Indispensable\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab50997.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab50997.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab50997.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab50997.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: NETGEAR WPN311 Wireless Assistant.lnk = C:\Program Files\01divers\Indispensable\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\01divers\Indispensable\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab50997.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab50997.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab50997.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab50997.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Cronor - 17 May 2007 at 12:47
Vundofix didn't detect anything; I don't have a log.
Cronor - 17 May 2007 at 14:15
Done. I have the report, if that can help you:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 14:09:56 17/05/2007
+ Résultat de l'analyse:
C:\Windows\system32\ielexle.dll -> Logger.Banker.ckj : Nettoyé.
:mozilla.37:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.66:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.67:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.19:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.20:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.38:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.58:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.61:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.39:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.40:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.44:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.45:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.22:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.23:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.24:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.25:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.50:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.51:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
Cronor - 17 May 2007 at 14:33
After the 9 seconds, this message appears:
PendingFileRenameOperation Registry Data has been Removed by External Process.
Cronor - 17 May 2007 at 15:05
Here you go :),
17/05/2007 a 15:04:03,53
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\bdod.bin FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
Cronor - 17 May 2007 at 15:10
I think I already gave it to you...
Darkkiller - 17 May 2007 at 15:12
Hi again,
A new scan to see whether killbox did its job or not ;)
Cronor - 17 May 2007 at 16:47
Here it is:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 16:46:19 17/05/2007
+ Résultat de l'analyse:
C:\System Volume Information\_restore{E2B4F4BD-1118-44BE-9BB6-CE5DEFFA9704}\RP204\A0087113.dll -> Logger.Banker.ckj : Nettoyé.
:mozilla.16:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.103:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.104:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.54:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.55:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.56:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.82:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.66:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.36:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.68:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.22:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.23:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.95:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.98:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.31:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.32:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.86:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.87:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.30:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.33:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.34:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.35:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.90:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.91:C:\Documents and Settings\Clément\Application Data\Mozilla\Firefox\Profiles\baelzb76.Clément\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Clément\Cookies\clément@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
Cronor - 17 May 2007 at 17:59
There, it's done :)!
As for the message that appears every time the computer starts, what do I do?
Darkkiller - 17 May 2007 at 18:03
Hi again,
Leave it ;)
Any other problems?
Cronor - 17 May 2007 at 18:08
No, no other problems.
Uh... sorry, but I can't see myself living with this message every time I turn on my computer; I don't want to leave it.
Isn't there a way to fix this, please? :)
Darkkiller - 17 May 2007 at 18:12
Hi again,
What does the error message say?
Cronor - 17 May 2007 at 23:23
Erreur de chargement de C:/ Windows/system32/saoqdhru.dll
Le module spécifié est introuvable.
There you go :)
Cronor - 18 May 2007 at 18:06
Hi,
Start > Run > type msconfig > ...no problem up to here, but I can't find C:/ Windows/system32/saoqdhru.dll in the Startup tab :(
Darkkiller - 20 May 2007 at 00:20
Hi again,
I'll look for other solutions.
Cronor - 20 May 2007 at 08:55
OK, thanks ;)
Darkkiller - 20 May 2007 at 11:55
Hi again,
Could you post a Hijackthis log?
Cronor - 20 May 2007 at 11:57
Here you go...
Logfile of HijackThis v1.99.1
Scan saved at 11:56:45, on 20/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\01divers\Indispensable\wlancfg5.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\program files\softwin\bitdefender9\bdmcon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\WINDOWS\system32\kmehxgaj.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {F54A13D7-BC9C-4638-8834-DA46D2DD7648} - C:\WINDOWS\system32\geeba.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S9E.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe"
O4 - HKLM\..\Run: [WindowsUpdate] rundll32.exe "C:\WINDOWS\system32\saoqdkru.dll",realset
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: NETGEAR WPN311 Wireless Assistant.lnk = C:\Program Files\01divers\Indispensable\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\01divers\Indispensable\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab50997.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab50997.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab50997.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab50997.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Darkkiller
20 May 2007 at 12:06
Hi again,
Open HijackThis, click "Do a system scan only" and check these lines:
O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\WINDOWS\system32\kmehxgaj.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {F54A13D7-BC9C-4638-8834-DA46D2DD7648} - C:\WINDOWS\system32\geeba.dll (file missing)
Once you have checked these lines, click "Fix Checked".
Normally, after that, your error messages will have disappeared.
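The selection made in the post above (unnamed BHO entries whose file is reported as "(file missing)" or "(no file)"), written as a log triage script. This is an added example, not part of the original thread and not HijackThis's own code; the `triage` function, the rule names and the extra rule for Run values that load a DLL through rundll32.exe are assumptions of this example and go beyond what the post selects, and the embedded sample is an excerpt of the log posted earlier in the thread.

```python
import re
from dataclasses import dataclass, field

# Excerpt of the HijackThis log posted in the thread, embedded so the
# example runs offline. Header and process lines are kept on purpose to show
# that the parser skips them.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\WINDOWS\system32\kmehxgaj.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {F54A13D7-BC9C-4638-8834-DA46D2DD7648} - C:\WINDOWS\system32\geeba.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WindowsUpdate] rundll32.exe "C:\WINDOWS\system32\saoqdkru.dll",realset
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
"""

# "<section> - <body>", e.g. "O2 - BHO: ..." or "R1 - HKCU\...".
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.+)$")
# O2 body: "BHO: <name> - {CLSID} - <file>".
BHO_RE = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)
# O4 body for registry autoruns: "HKLM\..\Run: [<value name>] <command>".
RUN_RE = re.compile(
    r"^(?P<hive>HK(?:LM|CU))\\\.\.\\(?P<key>Run\w*): \[(?P<value>[^\]]*)\] (?P<command>.+)$"
)
# Command of the form: rundll32.exe "<path>.dll",<export>
RUNDLL_RE = re.compile(
    r'^rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+\.dll)"?\s*,\s*(?P<export>\S+)', re.I
)
# Markers HijackThis appends when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\((?:file missing|no file)\)\s*$")


@dataclass
class Finding:
    section: str
    line: str
    reasons: list = field(default_factory=list)
    clsid: str = ""
    dll: str = ""


def triage(log_text):
    """Return one Finding per log entry that matches at least one review rule."""
    findings = []
    for raw in log_text.splitlines():
        entry = ENTRY_RE.match(raw.strip())
        if not entry:
            continue  # log header and the running-process list
        section, body = entry["section"], entry["body"]
        hit = Finding(section=section, line=raw.strip())

        # Rule 1: the registry entry survives but its file does not.
        if ORPHAN_RE.search(body):
            hit.reasons.append("orphaned")

        # Rule 2: Browser Helper Object registered without a default name.
        if section == "O2":
            bho = BHO_RE.match(body)
            if bho:
                hit.clsid = bho["clsid"].upper()
                if bho["name"] == "(no name)":
                    hit.reasons.append("unnamed-bho")

        # Rule 3 (assumption of this example): a Run value that starts a DLL
        # through rundll32.exe, listed for manual review.
        if section == "O4":
            run = RUN_RE.match(body)
            loader = RUNDLL_RE.match(run["command"]) if run else None
            if loader:
                hit.dll = loader["dll"]
                hit.reasons.append("rundll32-autorun")

        if hit.reasons:
            findings.append(hit)
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:<4}{','.join(f.reasons):<22}{f.line}")
```

A flagged line is a candidate for review, not a verdict: the rules only report what the log text says about each entry.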
Cronor
20 May 2007 at 12:34
No, sorry, my message still appears :(