Sujet Précédent Sujet Suivant

Logfile of Trend Micro HijackThis v2.0.2

Résolu/Fermé
News - 29 juil. 2007 à 10:24
noamdu59 Messages postés 209 Date d'inscription dimanche 17 juin 2007 Statut Membre Dernière intervention 26 mai 2008 - 31 juil. 2007 à 11:46
une attaque de trojan.win32.obfuscated

Bonjour, il me semble que j'ai été attaqué par un trojan quelqu'un peut il m'aider à m'en débarrasser ?
Ci joint mon rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:31, on 29/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\spoolsv.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\Program Files\Analog Devices\Core\smax4pnp.exe
H:\Program Files\Analog Devices\SoundMAX\Smax4.exe
H:\Program Files\ASUS\AASP\1.00.05\aaCenter.exe
H:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
H:\Program Files\Java\jre1.6.0\bin\jusched.exe
H:\Program Files\Logitech\Video\LogiTray.exe
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
H:\Program Files\MSN Messenger\msnmsgr.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Messenger\msmsgs.exe
H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9IE.EXE
H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
H:\WINDOWS\system32\LVComS.exe
H:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\PROGRA~1\INCRED~1\bin\IMApp.exe
H:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
H:\Program Files\Logitech\SetPoint\SetPoint.exe
H:\Program Files\OpenOffice.org 2.2\program\soffice.exe
H:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
H:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
H:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
H:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Alwil Software\Avast4\ashLogV.exe
H:\WINDOWS\system32\msiexec.exe
H:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
H:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
H:\PROGRA~1\FREEDO~1\fdm.exe
C:\HiJackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - H:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - H:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - H:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar2.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - H:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] H:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "H:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] H:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [AsusServiceProvider] H:\Program Files\ASUS\AASP\1.00.05\aaCenter.exe
O4 - HKLM\..\Run: [Ai Nap] "H:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo RX700 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9IE.EXE /P31 "EPSON Stylus Photo RX700 Series" /O6 "USB001" /M "Stylus Photo RX700"
O4 - HKLM\..\Run: [EEventManager] H:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] H:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] H:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [browse road dumb drive] H:\Documents and Settings\All Users\Application Data\webnewbrowseroad\Spam Poke.exe
O4 - HKCU\..\Run: [swg] H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "H:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IncrediMail] H:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo RX700 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9IE.EXE /P31 "EPSON Stylus Photo RX700 Series" /M "Stylus Photo RX700" /EF "HKCU"
O4 - HKCU\..\Run: [LDM] H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] H:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [NBJ] "H:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [sendreal] H:\DOCUME~1\GISELE\APPLIC~1\GLOBAL~1\Manager size new.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = H:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: Stardock ObjectDock.lnk = H:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = H:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Envoyer à &Bluetooth - H:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://H:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://H:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://H:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - H:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - H:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://ophyle2lo.spaces.live.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: bw+0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A01E1FB8-FF08-441D-8299-D5457E9257D6} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - H:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - H:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
A voir également:

3 réponses

Réponse 1 / 3
noamdu59 Messages postés 209 Date d'inscription dimanche 17 juin 2007 Statut Membre Dernière intervention 26 mai 2008 22
29 juil. 2007 à 10:35
Bonjour,

Clique sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Clique sur navilog1.zip pour télécharger navilog1.exe.

Choisis Enregistrer

et enregistre-le sur ton bureau.

Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
0
Réponse 2 / 3
News
29 juil. 2007 à 10:50
Search Navipromo version 2.0.5 commencé le 29/07/2007 à 10:41:40,79

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis H:\Program Files\navilog1
Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans H:\WINDOWS ***




*** Recherche dossiers dans H:\Program Files ***




*** Recherche dossiers dans H:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans H:\Documents and Settings\GISELE\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of October, 2007.
Version information: 2.2.1064.

[+] Started on 07/29/07 at 10:41:41.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items ..............................................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 07/29/07 at 10:50:39 (return code = 0).


*** Recherche fichiers ***


H:\WINDOWS\pack.epk trouvé !


*** Recherche cles registre ***


Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control



*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********

3)Recherche Certificats :


*** Analyse Terminé le 29/07/2007 à 10:51:34,71 ***
0
Réponse 3 / 3
noamdu59 Messages postés 209 Date d'inscription dimanche 17 juin 2007 Statut Membre Dernière intervention 26 mai 2008 22
29 juil. 2007 à 12:17
Maintenant,

Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valide.

Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Cliques en haut à gauche sur fichiers et choisis "exécuter"
Tapes explorer et valides. Celà te fera apparaitre ton bureau.

Ensuite vide ta corbeille, et si tu as ccleaner lance le nettoyage.
0
Newws
30 juil. 2007 à 07:50
He bien malgré cela il me semble que le trojan est encore présent.
0
noamdu59 Messages postés 209 Date d'inscription dimanche 17 juin 2007 Statut Membre Dernière intervention 26 mai 2008 22
30 juil. 2007 à 09:53
Bonjour,

Fais un scan avec symantec pour connaitre le chemin exacte du trojan. Recopie le et poste le.
http://security.symantec.com/sscv6/home.asp?langid=fr&venid=sym&plfid=23&pkj=JCUZFIZTYMWPAZTJWUF&bhcp=1
0
noamdu59 Messages postés 209 Date d'inscription dimanche 17 juin 2007 Statut Membre Dernière intervention 26 mai 2008 22 > noamdu59 Messages postés 209 Date d'inscription dimanche 17 juin 2007 Statut Membre Dernière intervention 26 mai 2008
31 juil. 2007 à 11:46
Es-tu toujours infecté ?
0

Discussions similaires

input signal out of range
marlene -
usman000 -

14 réponses
télécharger sur des sites comme index of
khitty -
mikesophie -

26 réponses
Prelevement CB London
Abdoul7840 -
Letty -

7 réponses
Problème micro : le son est trop faible
ElfloY -
Zifoxe -

35 réponses
Mon micro diffuse les sons de mon PC
Utilisateur anonyme -
maarie -

24 réponses