Sujet Précédent Sujet Suivant

Virus msn

Fermé
anais - 1 août 2007 à 03:11
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 - 1 août 2007 à 10:26
bonsoir ,je suis infecter par le virus msn album photo zip mon pc ralenti et je n'arrive pas a l'enlever.
je vous met les rapport .merci d'avance

Logfile of HijackThis v1.99.1
Scan saved at 03:03:44, on 01/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Documents and Settings\Propriétaire\Mes documents\Bluetooth\BTNtService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Fast.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\fast.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Documents and Settings\Propriétaire\Mes documents\Bluetooth\BlueSoleil.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PowerDVD] C:\Program Files\CyberLink DVD Solution\PowerDVD\PowerDVD.exe /autostart
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [NI.UWA7PV_0001_N96M0206] "c:\documents and settings\propriétaire\application data\winantiviruspro2007freeinstall_fr[1].exe" -nag
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA9D96A-D44E-47E4-9248-AA78F6CE1C23}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F8EE4C2-2AE4-49C8-8F2D-5485B0AC86AF}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8B3F363-1C25-47CC-B6B0-1A2604916810}: NameServer = 85.255.115.43,85.255.112.185
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AA9D96A-D44E-47E4-9248-AA78F6CE1C23}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AA9D96A-D44E-47E4-9248-AA78F6CE1C23}: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bw+0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {CDEF7371-99AA-469C-AEC7-22A19C89B39D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Documents and Settings\Propriétaire\Mes documents\Bluetooth\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe


MSN_Fix 1.449

C:\Documents and Settings\Propri‚taire\Bureau\MSNFix
Fix exécuté le 01/08/2007 - 2:57:35.00 By Propri‚taire
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\album??.zip
... C:\WINDOWS\album???.zip
... C:\WINDOWS\image??.zip
... C:\WINDOWS\image???.zip
... C:\WINDOWS\images??.zip
... C:\WINDOWS\images???.zip
... C:\WINDOWS\photo*.zip
... C:\WINDOWS\photos*.zip
... C:\WINDOWS\photos???.zip
... C:\WINDOWS\photos2007_*.zip
... C:\WINDOWS\system32\libcintles3.dll

************************ Recherche les dossiers présents

Aucun dossier trouvé




************************ Suppression des fichiers

.. OK ... C:\WINDOWS\album??.zip
.. OK ... C:\WINDOWS\album???.zip
.. OK ... C:\WINDOWS\image??.zip
.. OK ... C:\WINDOWS\image???.zip
.. OK ... C:\WINDOWS\images??.zip
.. OK ... C:\WINDOWS\images???.zip
.. OK ... C:\WINDOWS\photo*.zip
.. OK ... C:\WINDOWS\photos*.zip
.. OK ... C:\WINDOWS\photos???.zip
.. OK ... C:\WINDOWS\photos2007_*.zip
.. OK ... C:\WINDOWS\system32\libcintles3.dll



************************ Nettoyage du registre



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\system32\AVASTSS.scr] B85760414C16DF79A27A3646108C172E


Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 01082007_ 25809.35.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.aceboard.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

[08/01/2007, 2:58:58] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Propriétaire\Bureau\VirtumundoBeGone.exe" )
[08/01/2007, 2:59:00] - Detected System Information:
[08/01/2007, 2:59:00] - Windows Version: 5.1.2600, Service Pack 2
[08/01/2007, 2:59:00] - Current Username: Propriétaire (Admin)
[08/01/2007, 2:59:00] - Windows is in NORMAL mode.
[08/01/2007, 2:59:00] - Searching for Browser Helper Objects:
[08/01/2007, 2:59:00] - BHO 1: {3443D842-C34D-4759-B868-038D166726CF} ()
[08/01/2007, 2:59:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[08/01/2007, 2:59:00] - Checking for HKLM\...\Winlogon\Notify\awtst
[08/01/2007, 2:59:00] - Found: HKLM\...\Winlogon\Notify\awtst - This is probably Virtumundo.
[08/01/2007, 2:59:00] - Assigning {3443D842-C34D-4759-B868-038D166726CF} MSEvents Object
[08/01/2007, 2:59:00] - BHO list has been changed! Starting over...
[08/01/2007, 2:59:00] - BHO 1: {3443D842-C34D-4759-B868-038D166726CF} (MSEvents Object)
[08/01/2007, 2:59:00] - ALERT: Found MSEvents Object!
[08/01/2007, 2:59:00] - BHO 2: {45AD732C-2CE2-4666-B366-B2214AD57A49} (Idea2 SidebarBrowserMonitor Class)
[08/01/2007, 2:59:00] - BHO 3: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[08/01/2007, 2:59:00] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[08/01/2007, 2:59:00] - BHO 5: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[08/01/2007, 2:59:00] - BHO 6: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[08/01/2007, 2:59:00] - Finished Searching Browser Helper Objects
[08/01/2007, 2:59:00] - *** Detected MSEvents Object
[08/01/2007, 2:59:00] - Trying to remove MSEvents Object...
[08/01/2007, 2:59:01] - Terminating Process: IEXPLORE.EXE
[08/01/2007, 2:59:02] - Terminating Process: RUNDLL32.EXE
[08/01/2007, 2:59:02] - Disabling Automatic Shell Restart
[08/01/2007, 2:59:02] - Terminating Process: EXPLORER.EXE
[08/01/2007, 2:59:02] - Suspending the NT Session Manager System Service
[08/01/2007, 2:59:02] - Terminating Windows NT Logon/Logoff Manager
[08/01/2007, 2:59:03] - Re-enabling Automatic Shell Restart
[08/01/2007, 2:59:03] - File to disable: C:\WINDOWS\system32\awtst.dll
[08/01/2007, 2:59:03] - Removing HKLM\...\Browser Helper Objects\{3443D842-C34D-4759-B868-038D166726CF}
[08/01/2007, 2:59:03] - Removing HKCR\CLSID\{3443D842-C34D-4759-B868-038D166726CF}
[08/01/2007, 2:59:03] - Adding Kill Bit for ActiveX for GUID: {3443D842-C34D-4759-B868-038D166726CF}
[08/01/2007, 2:59:03] - Deleting ATLEvents/MSEvents Registry entries
[08/01/2007, 2:59:03] - Removing HKLM\...\Winlogon\Notify\awtst
[08/01/2007, 2:59:03] - Searching for Browser Helper Objects:
[08/01/2007, 2:59:03] - BHO 1: {45AD732C-2CE2-4666-B366-B2214AD57A49} (Idea2 SidebarBrowserMonitor Class)
[08/01/2007, 2:59:03] - BHO 2: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[08/01/2007, 2:59:03] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[08/01/2007, 2:59:03] - BHO 4: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[08/01/2007, 2:59:03] - BHO 5: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[08/01/2007, 2:59:03] - Finished Searching Browser Helper Objects
[08/01/2007, 2:59:03] - Finishing up...
[08/01/2007, 2:59:03] - A restart is needed.
[08/01/2007, 2:59:10] - Attempting to Restart via STOP error (Blue Screen!)
A voir également:

1 réponse

Réponse 1 / 1
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
1 août 2007 à 10:26
Bonjour,

1) Tu sembles ne pas avoir de parefeu contrôlant les connexions sortantes, ce qui est un risque de sécurité.

Si c'est le cas tu as le choix entre ces deux possibilités :

Zone Alarm Tuto et lien de téléchargement ici :
https://www.malekal.com/tutoriel-zonealarm-firewall/

Kerio Tuto et lien de téléchargement ici :
http://www.malekal.com/kerio_firewall.php

Il y en a d'autres que tu peux trouver en ouvrant ce lien :
http://www.malekal.com/menu_tutorials_logiciels.php

Il faut que tu désactives le parefeu de Windows (panneau de configuration, parefeu de Windows) après le téléchargement et avant l'installation (déconnecte toi du Net à ce moment là).

2) Imprime ces instructions car il va y avoir un redémarrage de l'ordinateur.

* Télécharge FixWareout de ce site sur le bureau:
http://downloads.subratam.org/Fixwareout.exe


* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.

*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt) avec un nouveau rapport HijackThis! dans ta prochaine réponse

3) Télécharge Brute Force Uninstaller (de Merijn) ici: http://www.merijn.org/files/bfu.zip
Créé un nouveau dossier directement à la racine de ton disque dur ou l'endroit qui te convient, nomme ce dossier BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (par exemple C:\BFU)
Ensuite, télécharge Winsoftware.bfu (de lazzzy) :
Fais un clik droit ici : : http://www.alt-shift-return.org/Info/Fichiers/Winsoftware.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger Winsoftware.bfu (delazzzy).
Sauvegarde dans le dossier créé (C:\BFU).
**Note : si tu utilises Internet Explorer ; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers".

Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : Winsoftware.bfu et BFU.exe (très important).

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

Tu as une démo animée ici (merci balltrap34):
http://perso.orange.fr/rginformatique/section%20virus/bfu%20demo.htm
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Lance "Brute Force Uninstaller" en double-cliquant BFU.exe (Dans le dossier C:\BFU)
- Clique sur le petit dossier jaune, et clique sur : Winsoftware.bfu
- Coches la case Show log after scrïpt ends
- Clique sur Execute pour que le fix fasse son boulot :-) Attends que le message Complete scrïpt execution apparaîsse et clique sur OK.
Un rapport va s'afficher dans la fenetre du programme, copie et colle dans le bloc-notes, puis sauvegardes le, tu le posteras plus tard sur le forum.
Clique Exit pour fermer le programme BFU.

4) n'oublie pas de poster tous les rapports ainsi qu'un nouveau log Hijackthis.
@+
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
symboles et écritures pour nick msn
Pando -
roro -

20 réponses
Peut on retrouver des conversations MSN?
Moi51 -
benzar -

36 réponses
Comment savoir si j'ai attrapé un virus sur mon téléphone ?
Infolock -
bell -

66 réponses
impossible de me connecter a msn hotmail
Regis -
marino_u -

4 réponses