Problèmes depuis virus Trojan
Fermé
MCosmo
-
14 sept. 2007 à 15:45
QuelBeauPseudo Messages postés 253 Date d'inscription dimanche 20 mai 2007 Statut Membre Dernière intervention 8 juillet 2008 - 15 sept. 2007 à 15:15
QuelBeauPseudo Messages postés 253 Date d'inscription dimanche 20 mai 2007 Statut Membre Dernière intervention 8 juillet 2008 - 15 sept. 2007 à 15:15
A voir également:
- Problèmes depuis virus Trojan
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Message virus iphone site adulte - Forum iPhone
- Trojan wacatac ✓ - Forum Virus
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
10 réponses
MCosmo
Messages postés
3
Date d'inscription
vendredi 14 septembre 2007
Statut
Membre
Dernière intervention
9 octobre 2007
14 sept. 2007 à 22:16
14 sept. 2007 à 22:16
Voici le rapport HIJACKTHIS ;)
Logfile of HijackThis v1.99.1
Scan saved at 22:17:05, on 14/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {64B94229-7967-860A-A0C2-034C02BA876B} - C:\Program Files\Nutttuhv\bgzaauqn.dll
O2 - BHO: (no name) - {733E9132-53CA-4C97-9AC9-145C4502FA20} - C:\WINDOWS\system32\efcyaxy.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [xcfcvmbo] rundll32.exe "C:\Program Files\xcfcvmbo\bodmdsno.dll",Init
O4 - HKLM\..\Run: [upchghcr] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\upchghcr.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://kt.bar.need2find.com/KT/menusearch.html?p=KT
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - https://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/bin/cortvrml.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: efcyaxy - C:\WINDOWS\SYSTEM32\efcyaxy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Logfile of HijackThis v1.99.1
Scan saved at 22:17:05, on 14/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {64B94229-7967-860A-A0C2-034C02BA876B} - C:\Program Files\Nutttuhv\bgzaauqn.dll
O2 - BHO: (no name) - {733E9132-53CA-4C97-9AC9-145C4502FA20} - C:\WINDOWS\system32\efcyaxy.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [xcfcvmbo] rundll32.exe "C:\Program Files\xcfcvmbo\bodmdsno.dll",Init
O4 - HKLM\..\Run: [upchghcr] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\upchghcr.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://kt.bar.need2find.com/KT/menusearch.html?p=KT
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - https://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/bin/cortvrml.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B8A64775-E8B5-4539-AD7A-1ACE598631C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: efcyaxy - C:\WINDOWS\SYSTEM32\efcyaxy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
QuelBeauPseudo
Messages postés
253
Date d'inscription
dimanche 20 mai 2007
Statut
Membre
Dernière intervention
8 juillet 2008
32
14 sept. 2007 à 23:04
14 sept. 2007 à 23:04
Bonsoir.
Pour hijackthis j'ai besoin de temps.
1)Assure toi que l'option de bouclier resident est enclenché dans spybot
2)degage avast installe antivir
https://www.malekal.com/avira-free-security-antivirus-gratuit/
Fait la mise a jour et le scan.
Ya aussi le tutorial dans cette page.
Verifie que l'option d'antivir qui l'empeche d'etre coupée est enclenchée
3)telecharge avg antispy
https://www.malekal.com/avg-antivirus-free-antivirus-gratuit-pour-proteger-son-pc-des-virus/
Fait la mise a jour et le scan.
Ya aussi le tutorial dans cette page.
4)Mur de feu?
https://www.malekal.com/tutorial-et-guide-counterspy/
Ya aussi le tutorial dans cette page.
5)Prends connaissance du contenu le lien suivant:
http://www.f-secure.com/products/license-terms/eult_fra.pdf
Tu as donc pris connaissance et accepté les conditions d'utilisations du programme blacklight qui est inclus dans le dossier compressé navilog1.zip que tu vas télécharger.
Maintenant fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.bat
Laisses-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2 sans notre avis/accord)
Patientes jusqu'au message :
*** Analyse Termine le ..... ***
Appuies sur une touche comme demandé, le blocnote va s'ouvrir.
Copies-colles l'intégralité dans une réponse. Refermes le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
Pour hijackthis j'ai besoin de temps.
1)Assure toi que l'option de bouclier resident est enclenché dans spybot
2)degage avast installe antivir
https://www.malekal.com/avira-free-security-antivirus-gratuit/
Fait la mise a jour et le scan.
Ya aussi le tutorial dans cette page.
Verifie que l'option d'antivir qui l'empeche d'etre coupée est enclenchée
3)telecharge avg antispy
https://www.malekal.com/avg-antivirus-free-antivirus-gratuit-pour-proteger-son-pc-des-virus/
Fait la mise a jour et le scan.
Ya aussi le tutorial dans cette page.
4)Mur de feu?
https://www.malekal.com/tutorial-et-guide-counterspy/
Ya aussi le tutorial dans cette page.
5)Prends connaissance du contenu le lien suivant:
http://www.f-secure.com/products/license-terms/eult_fra.pdf
Tu as donc pris connaissance et accepté les conditions d'utilisations du programme blacklight qui est inclus dans le dossier compressé navilog1.zip que tu vas télécharger.
Maintenant fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.bat
Laisses-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2 sans notre avis/accord)
Patientes jusqu'au message :
*** Analyse Termine le ..... ***
Appuies sur une touche comme demandé, le blocnote va s'ouvrir.
Copies-colles l'intégralité dans une réponse. Refermes le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
QuelBeauPseudo
Messages postés
253
Date d'inscription
dimanche 20 mai 2007
Statut
Membre
Dernière intervention
8 juillet 2008
32
15 sept. 2007 à 00:37
15 sept. 2007 à 00:37
Je vient de trouver un truc louche lance un scan ici pour confirmation et poste le rapport.
https://www.kaspersky.fr/downloads
Oulala, bon pas de panique... Je croit qu'il ya du boulot.
Fait bien toutes les mises a jours des antispy et les scans aussi pour antivir.
Ensuite poste un nouveau rapport d'HyjackThis avec celui de kaspersky je repasse apres et aussi biensur le navilog/blacklight.
Ne t'inquiete, sa va aller.
https://www.kaspersky.fr/downloads
Oulala, bon pas de panique... Je croit qu'il ya du boulot.
Fait bien toutes les mises a jours des antispy et les scans aussi pour antivir.
Ensuite poste un nouveau rapport d'HyjackThis avec celui de kaspersky je repasse apres et aussi biensur le navilog/blacklight.
Ne t'inquiete, sa va aller.
philae83
Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009
206
15 sept. 2007 à 00:43
15 sept. 2007 à 00:43
bonsoir,
je m'excuse d'intervenir, mais vundofix serait peut être approprié
* Télécharge VundoFix.exe (par Atribune) sur ton Bureau
http://www.atribune.org/ccount/click.php?id=4
* Double-clique VundoFix.exe afin de le lancer
* Clique sur le bouton Scan for Vundo
* Lorsque le scan est complété, clique sur le bouton Remove Vundo
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
* Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
je m'excuse d'intervenir, mais vundofix serait peut être approprié
* Télécharge VundoFix.exe (par Atribune) sur ton Bureau
http://www.atribune.org/ccount/click.php?id=4
* Double-clique VundoFix.exe afin de le lancer
* Clique sur le bouton Scan for Vundo
* Lorsque le scan est complété, clique sur le bouton Remove Vundo
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
* Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
MCosmo
Messages postés
3
Date d'inscription
vendredi 14 septembre 2007
Statut
Membre
Dernière intervention
9 octobre 2007
15 sept. 2007 à 01:00
15 sept. 2007 à 01:00
Je vais essayer tout ça et vous tenir au courant, merci pour ces réponses, car je suis assez dépassée.
QuelBeauPseudo : tu entends quoi par "navilog/blacklight" , c'est un peu du chinois pour moi =/
Merci !
QuelBeauPseudo : tu entends quoi par "navilog/blacklight" , c'est un peu du chinois pour moi =/
Merci !
QuelBeauPseudo
Messages postés
253
Date d'inscription
dimanche 20 mai 2007
Statut
Membre
Dernière intervention
8 juillet 2008
32
15 sept. 2007 à 01:11
15 sept. 2007 à 01:11
navilog/blacklight c'est les rapports que tu obtient par l'utilisation de navifix.
"philae83" est sans doute competent laisse tranquille navifix et lance plutot vundo comme il dit
(moi j'ai pas encore une habitude eprouvée, "philae83" si)
J'ai trouvé 2 lignes tres suspectes mais il devrait probablement avoir du ménage avec antivir et avg antispy, c'est pour sa que je n'est pas analysé la totalité du rapport hyjackthis. Il en faudrat un nouveau apres les manips pour voir se qui persiste.
"philae83" est sans doute competent laisse tranquille navifix et lance plutot vundo comme il dit
(moi j'ai pas encore une habitude eprouvée, "philae83" si)
J'ai trouvé 2 lignes tres suspectes mais il devrait probablement avoir du ménage avec antivir et avg antispy, c'est pour sa que je n'est pas analysé la totalité du rapport hyjackthis. Il en faudrat un nouveau apres les manips pour voir se qui persiste.
philae83
Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009
206
15 sept. 2007 à 01:16
15 sept. 2007 à 01:16
re
je suis elle :) lol
ceci dit, tu verras après le passage de vundo, ce que ça donne
"philae83" est sans doute competent laisse tranquille navifix et lance plutot vundo comme il dit
je suis elle :) lol
ceci dit, tu verras après le passage de vundo, ce que ça donne
J'ai commencé avec VundoFix, voici le rapport :
VundoFix V6.5.8
Checking Java version...
Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.
Scan started at 11:42:22 15/09/2007
Listing files found while scanning....
C:\windows\system32\drvmetr.dll
Beginning removal...
Attempting to delete C:\windows\system32\drvmetr.dll
C:\windows\system32\drvmetr.dll Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.5.8
Checking Java version...
Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.
Scan started at 11:42:22 15/09/2007
Listing files found while scanning....
C:\windows\system32\drvmetr.dll
Beginning removal...
Attempting to delete C:\windows\system32\drvmetr.dll
C:\windows\system32\drvmetr.dll Has been deleted!
Performing Repairs to the registry.
Done!
Rapport Antivir
AntiVir PersonalEdition Classic
Report file date: samedi 15 septembre 2007 11:58
Scanning for 1070955 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: PERSO-5157E8835
Version information:
BUILD.DAT : 268 15604 Bytes 31/08/2007 13:04:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 11:32:40
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 11:32:46
ANTIVIR2.VDF : 6.39.1.120 1918464 Bytes 12/09/2007 21:36:04
ANTIVIR3.VDF : 6.39.1.133 109568 Bytes 14/09/2007 21:36:04
AVEWIN32.DLL : 7.6.0.5 2789888 Bytes 29/08/2007 16:09:10
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 07:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: samedi 15 septembre 2007 11:58
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'dslmon.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'LowLight.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'LVComS.exe' - '1' Module(s) have been scanned
Scan process 'StartMessager.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
47 processes with 47 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\efcyaxy.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\efcyaxy.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
The registry was scanned ( '43' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Caroline\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-42db2dea-68e3a961.zip
[0] Archive type: ZIP
--> BnnnnBaa.class
[DETECTION] Is the Trojan horse TR/Java.Downloader.Gen
--> VaannnaaBaa.class
[DETECTION] Is the Trojan horse TR/ClassLoader
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP625\A0249637.exe
[0] Archive type: ZIP SFX (self extracting)
--> resource.0000.pkg
[1] Archive type: ZIP
--> RPCInstall_US.dll
[DETECTION] Contains suspicious code HEUR/Malware
--> RPCInstall_INTL.dll
[DETECTION] Contains suspicious code HEUR/Malware
--> ShopperReports.exe
[DETECTION] Contains detection pattern of the dropper DR/Shopper.K.13
--> osfreez118.exe
[DETECTION] Contains detection pattern of the dropper DR/OneStep.A
[INFO] The file was moved to '471dbe29.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0252772.dll
[DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
[INFO] The file was moved to '471dbe50.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0252775.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '471dbe52.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0252776.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '471dbe54.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0253572.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.11776
[INFO] The file was moved to '471dbe57.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0253595.exe
[DETECTION] Is the Trojan horse TR/Dldr.Nonaco.A.2
[INFO] The file was moved to '471dbe59.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0253596.exe
[DETECTION] Is the Trojan horse TR/Dldr.PurityScan.EG.8
[INFO] The file was moved to '471dbe5b.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0253604.exe
[DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
[INFO] The file was moved to '471dbe5f.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP648\A0253631.dll
[DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
[INFO] The file was moved to '471dbe61.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP658\A0256558.exe
[DETECTION] Contains detection pattern of the dropper DR/Zlob.Gen
[INFO] The file was moved to '471dbe8e.qua'!
C:\WINDOWS\system32\efcyaxy.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\pmnkifd.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4759c3ef.qua'!
C:\WINDOWS\system32\wvusrrr.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4760c410.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'G:\' <Sauvegarde>
End of the scan: samedi 15 septembre 2007 13:39
Used time: 1:41:26 min
The scan has been done completely.
8053 Scanning directories
218857 Files were scanned
16 viruses and/or unwanted programs were found
3 Files were classified as suspicious:
0 files were deleted
0 files were repaired
12 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
218841 Files not concerned
1244 Archives were scanned
6 Warnings
0 Notes
AntiVir PersonalEdition Classic
Report file date: samedi 15 septembre 2007 11:58
Scanning for 1070955 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: PERSO-5157E8835
Version information:
BUILD.DAT : 268 15604 Bytes 31/08/2007 13:04:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 11:32:40
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 11:32:46
ANTIVIR2.VDF : 6.39.1.120 1918464 Bytes 12/09/2007 21:36:04
ANTIVIR3.VDF : 6.39.1.133 109568 Bytes 14/09/2007 21:36:04
AVEWIN32.DLL : 7.6.0.5 2789888 Bytes 29/08/2007 16:09:10
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 07:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: samedi 15 septembre 2007 11:58
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'dslmon.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'LowLight.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'LVComS.exe' - '1' Module(s) have been scanned
Scan process 'StartMessager.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
47 processes with 47 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\efcyaxy.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\efcyaxy.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
The registry was scanned ( '43' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Caroline\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-42db2dea-68e3a961.zip
[0] Archive type: ZIP
--> BnnnnBaa.class
[DETECTION] Is the Trojan horse TR/Java.Downloader.Gen
--> VaannnaaBaa.class
[DETECTION] Is the Trojan horse TR/ClassLoader
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP625\A0249637.exe
[0] Archive type: ZIP SFX (self extracting)
--> resource.0000.pkg
[1] Archive type: ZIP
--> RPCInstall_US.dll
[DETECTION] Contains suspicious code HEUR/Malware
--> RPCInstall_INTL.dll
[DETECTION] Contains suspicious code HEUR/Malware
--> ShopperReports.exe
[DETECTION] Contains detection pattern of the dropper DR/Shopper.K.13
--> osfreez118.exe
[DETECTION] Contains detection pattern of the dropper DR/OneStep.A
[INFO] The file was moved to '471dbe29.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0252772.dll
[DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
[INFO] The file was moved to '471dbe50.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0252775.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '471dbe52.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0252776.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '471dbe54.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0253572.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.11776
[INFO] The file was moved to '471dbe57.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0253595.exe
[DETECTION] Is the Trojan horse TR/Dldr.Nonaco.A.2
[INFO] The file was moved to '471dbe59.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0253596.exe
[DETECTION] Is the Trojan horse TR/Dldr.PurityScan.EG.8
[INFO] The file was moved to '471dbe5b.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP647\A0253604.exe
[DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
[INFO] The file was moved to '471dbe5f.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP648\A0253631.dll
[DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
[INFO] The file was moved to '471dbe61.qua'!
C:\System Volume Information\_restore{DE8E013D-DB8D-44E7-B9E4-B9FDBCA37222}\RP658\A0256558.exe
[DETECTION] Contains detection pattern of the dropper DR/Zlob.Gen
[INFO] The file was moved to '471dbe8e.qua'!
C:\WINDOWS\system32\efcyaxy.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\pmnkifd.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4759c3ef.qua'!
C:\WINDOWS\system32\wvusrrr.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4760c410.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'G:\' <Sauvegarde>
End of the scan: samedi 15 septembre 2007 13:39
Used time: 1:41:26 min
The scan has been done completely.
8053 Scanning directories
218857 Files were scanned
16 viruses and/or unwanted programs were found
3 Files were classified as suspicious:
0 files were deleted
0 files were repaired
12 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
218841 Files not concerned
1244 Archives were scanned
6 Warnings
0 Notes
QuelBeauPseudo
Messages postés
253
Date d'inscription
dimanche 20 mai 2007
Statut
Membre
Dernière intervention
8 juillet 2008
32
15 sept. 2007 à 15:15
15 sept. 2007 à 15:15
Bonjour.
Dans antivir il y a une option pour la recherche de "rootkits" enclenche la.
Va dans c/programs files/java et suprime le dossier java 1.5.0.3 normalement tu en a un autre qui s'appelle java 1.6.0 (tu le garde celui si), si (on sait jamais) java 1.6.0 n'est pas present n'efface pas java 1.5.0.3
Bon vundo et antivir on fait du ménage mais 3 fichiers n'ont pas put etre scanné et une saloperie a ete detectée mais n'a pas put etre effacée car non trouvée, je croit que sa sent le rootkit.
Donc refait un scan avec antivir (l'option antirootkit enclenchée cette fois si).
Lance les scans de "F-secure blacklight" et de "Panda anti rootkits" que tu trouvera tous deux ici:
securite
Deja 12 trojan mis en quarantaine... Sacrée demo de jeu... Le but de jeu est de desinfecter le pc...
Dans antivir il y a une option pour la recherche de "rootkits" enclenche la.
Va dans c/programs files/java et suprime le dossier java 1.5.0.3 normalement tu en a un autre qui s'appelle java 1.6.0 (tu le garde celui si), si (on sait jamais) java 1.6.0 n'est pas present n'efface pas java 1.5.0.3
Bon vundo et antivir on fait du ménage mais 3 fichiers n'ont pas put etre scanné et une saloperie a ete detectée mais n'a pas put etre effacée car non trouvée, je croit que sa sent le rootkit.
Donc refait un scan avec antivir (l'option antirootkit enclenchée cette fois si).
Lance les scans de "F-secure blacklight" et de "Panda anti rootkits" que tu trouvera tous deux ici:
securite
Deja 12 trojan mis en quarantaine... Sacrée demo de jeu... Le but de jeu est de desinfecter le pc...