Persistent spyware - Page 2

teemu
 
Sorry :)
And thanks a lot for your help, things are already much better (access to the control panel, no more alert messages)

BitDefender Online Scanner

Scan report generated at: Tue, Nov 13, 2007 - 21:42:02

Scan path: A:\;C:\;D:\;

Statistics
Time: 00:47:35
Files: 279374
Folders: 8107
Boot Sectors: 2
Archives: 1548
Packed Files: 10374

Results
Identified Viruses: 9
Infected Files: 71
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 70

Engines Info
Virus Definitions: 870696
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 7
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\Documents and Settings\ELO\Application Data\pcpriv.exe
Infected with: Trojan.Generic.70831

C:\Documents and Settings\ELO\Application Data\pcpriv.exe
Disinfection failed

C:\Documents and Settings\ELO\Application Data\pcpriv.exe
Deleted

C:\Documents and Settings\ELO\Application Data\spyguard.exe
Infected with: Trojan.Generic.72290

C:\Documents and Settings\ELO\Application Data\spyguard.exe
Disinfection failed

C:\Documents and Settings\ELO\Application Data\spyguard.exe
Deleted

C:\Documents and Settings\teemu\Menu Démarrer\Programmes\Démarrage\findfast.exe
Infected with: Generic.Malware.SDYd!wdld.9437799C

C:\Documents and Settings\teemu\Menu Démarrer\Programmes\Démarrage\findfast.exe
Disinfection failed

C:\Documents and Settings\teemu\Menu Démarrer\Programmes\Démarrage\findfast.exe
Deleted

C:\Program Files\xixduesb\iextsdux.dll
Infected with: Generic.Otuboh.0085C677

C:\Program Files\xixduesb\iextsdux.dll
Disinfection failed

C:\Program Files\xixduesb\iextsdux.dll
Delete failed

C:\rapport.txt
Infected with: Generic.Qhost.9F9F4520

C:\rapport.txt
Disinfection failed

C:\rapport.txt
Deleted

C:\WINDOWS\system32\drivers\etc\hosts
Infected with: Generic.Qhost.1E807466

C:\WINDOWS\system32\drivers\etc\hosts
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts
Deleted

C:\WINDOWS\system32\drivers\etc\hosts.msn
Infected with: Generic.Qhost.7BF24B3A

C:\WINDOWS\system32\drivers\etc\hosts.msn
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts.msn
Deleted

C:\WINDOWS\system32\shil.exe
Infected with: Win32.Worm.Rxbot.KU

C:\WINDOWS\system32\shil.exe
Disinfection failed

C:\WINDOWS\system32\shil.exe
Deleted
clownface
 
Disable your System Restore (right-click My Computer / Properties, System Restore tab, tick "Disable"),
then restart in safe mode and delete this folder: C:\Program Files\xixduesb

Go back to normal mode and run a BitDefender scan again.
teemu
 
Hello,

BitDefender Online Scanner

Scan report generated at: Tue, Nov 13, 2007 - 23:43:26

Scan path: A:\;C:\;D:\;

Statistics
Time: 00:48:27
Files: 270428
Folders: 7920
Boot Sectors: 2
Archives: 1476
Packed Files: 10170

Results
Identified Viruses: 1
Infected Files: 1
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 1

Engines Info
Virus Definitions: 870829
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 7
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\RECYCLER\S-1-5-21-776561741-746137067-682003330-1003\Dc9\iextsdux.dll
Infected with: Generic.Otuboh.0085C677

C:\RECYCLER\S-1-5-21-776561741-746137067-682003330-1003\Dc9\iextsdux.dll
Disinfection failed

C:\RECYCLER\S-1-5-21-776561741-746137067-682003330-1003\Dc9\iextsdux.dll
Deleted
clownface
 
Hello,

Run HijackThis again,
check and fix all the O18 lines related to your webcam, except this one:

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

Download SUPERAntiSpyware (free version): link + tutorial: https://www.malekal.com/?s=SUPERAntiSpyware
Run a scan as described in the tutorial,
then post a new HijackThis report.
teemu
 
Hello,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:57:53, on 15/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/md5auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {2F02D978-0FF6-80F7-60BB-0426224AB7B3} - (no file)
O2 - BHO: (no name) - {5054F860-748D-4840-B7B4-DDDB428421AF} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [jczmxwfu] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\jczmxwfu.dll"
O4 - HKLM\..\Run: [zmjaleju] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\zmjaleju.dll"
O4 - HKLM\..\Run: [hynmtghs] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\hynmtghs.dll"
O4 - HKLM\..\Run: [otijinob] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\otijinob.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://m6video.m6.fr/1click/install/files/installer2.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5054F860-748D-4840-B7B4-DDDB428421AF} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
clownface Posts 1490 Status Member 73
 
Hello,

go to this site: https://www.virustotal.com/gui/

and have these files analyzed:
C:\Documents and Settings\All Users\Application Data\jczmxwfu.dll
C:\Documents and Settings\All Users\Application Data\zmjaleju.dll
C:\Documents and Settings\All Users\Application Data\hynmtghs.dll
C:\Documents and Settings\All Users\Application Data\otijinob.dll

you will then need to delete them (in safe mode if it refuses to do so in normal mode)
0
teemu
 
Hello,

OK, files deleted.
0
clownface Posts 1490 Status Member 73
 
Hello,

please post a new HijackThis report
0
teemu
 
Hello,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:04, on 17/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackThis\HijackThis.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/md5auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {2F02D978-0FF6-80F7-60BB-0426224AB7B3} - (no file)
O2 - BHO: (no name) - {5054F860-748D-4840-B7B4-DDDB428421AF} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [jczmxwfu] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\jczmxwfu.dll"
O4 - HKLM\..\Run: [zmjaleju] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\zmjaleju.dll"
O4 - HKLM\..\Run: [hynmtghs] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\hynmtghs.dll"
O4 - HKLM\..\Run: [otijinob] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\otijinob.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://m6video.m6.fr/1click/install/files/installer2.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5054F860-748D-4840-B7B4-DDDB428421AF} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
0
clownface Posts 1490 Status Member 73
 
Good evening,

run HijackThis again and check these lines:
O2 - BHO: (no name) - {2F02D978-0FF6-80F7-60BB-0426224AB7B3} - (no file)
O2 - BHO: (no name) - {5054F860-748D-4840-B7B4-DDDB428421AF} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {5054F860-748D-4840-B7B4-DDDB428421AF} -
then click Fix checked.

we are going to change antivirus, otherwise we will not get anywhere: http://forum.malekal.com/ftopic4192.php
run a scan and post the report

you would also need a firewall: http://www.commentcamarche.net/faq/sujet 3486 securite le parefeu de windows xp
0
teemu
 
Hello,

Antivir installed in place of Avast
Zone Alarm replaces the Windows firewall

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:27, on 18/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\GUILD WARS\Gw.exe
C:\WINDOWS\System32\msiexec.exe
C:\hijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/md5auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [jczmxwfu] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\jczmxwfu.dll"
O4 - HKLM\..\Run: [zmjaleju] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\zmjaleju.dll"
O4 - HKLM\..\Run: [hynmtghs] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\hynmtghs.dll"
O4 - HKLM\..\Run: [otijinob] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\otijinob.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://m6video.m6.fr/1click/install/files/installer2.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
clownface Posts 1490 Status Member 73
 
Hello,

did you run a scan with Antivir? is there a report?

are you sure you deleted the 4 files? (message 26)
if they are still there, do this:

Download Pocket KillBox: https://www.bleepingcomputer.com/download/linux/
unzip it to your desktop.
Animated demo: http://pageperso.aol.fr/balltrap34/killbox.htm

Open Pocket Killbox

Copy the text in bold below (important: use copy and paste to avoid any kind of error):

C:\Documents and Settings\All Users\Application Data\jczmxwfu.dll
C:\Documents and Settings\All Users\Application Data\zmjaleju.dll
C:\Documents and Settings\All Users\Application Data\hynmtghs.dll
C:\Documents and Settings\All Users\Application Data\otijinob.dll


Click the 'File' menu of KillBox (top left) and choose Paste from clipboard
Select "Delete on reboot"

Click the button: All Files (!important!)

Now click the Kill button (red circle with a white X)
Killbox will ask you "...Would like to Reboot now ?", click YES and wait for the restart.
If you do not get this message, restart the PC normally.

2/ Delete this folder:

C:\!KillBox

3/ Empty your recycle bin and restart your PC

0
teemu
 
Hello,
Here, I did as explained above and this is what KillBox tells me,

---------------------------
PendingFileRenameOperations
---------------------------
PendingFileRenameOperations Registry Data has been Removed by External Process!
---------------------------
OK
---------------------------
I am sure I deleted these files as requested in message 26,
I will post the Antivir report as soon as possible.
0
clownface Posts 1490 Status Member 73
 
ok in that case you can check/fix these lines with HijackThis:

O4 - HKLM\..\Run: [jczmxwfu] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\jczmxwfu.dll"
O4 - HKLM\..\Run: [zmjaleju] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\zmjaleju.dll"
O4 - HKLM\..\Run: [hynmtghs] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\hynmtghs.dll"
O4 - HKLM\..\Run: [otijinob] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\otijinob.dll"
0
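The selection made in the two replies above (BHO entries with no file, DPF entries with no codebase, Run values that call regsvr32 on a DLL under Application Data), written as an added example that is not part of the thread or of HijackThis. It also lists flagged entries that survive into a later log, as the four Run values did between the 17/11 and 18/11 reports; the function names and reason strings are this example's own, and the two log excerpts are assembled from lines already posted in the thread.

```python
import ntpath
import re

# Excerpts assembled for this example from lines in the thread's 17/11 and
# 18/11 HijackThis logs (a few representative lines, not the complete logs).
BEFORE = r"""
O2 - BHO: (no name) - {2F02D978-0FF6-80F7-60BB-0426224AB7B3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [jczmxwfu] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\jczmxwfu.dll"
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
"""

AFTER = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [jczmxwfu] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\jczmxwfu.dll"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+?)\s*$")
# Body of an O4 registry Run entry: hive path, [value name], command line
RUN_VALUE = re.compile(r"^HK[^:]*Run: \[([^\]]*)\] (.+)$")
# regsvr32 with optional switches and one (optionally quoted) DLL path
REGSVR32 = re.compile(r'^regsvr32(?:\.exe)?\s+(?:/\w+\s+)*"?([^"]+\.dll)"?$', re.I)
# O16 body that stops after the CLSID (and optional class name): no codebase
EMPTY_DPF = re.compile(r"^DPF: \{[0-9A-Fa-f-]+\}(?: \([^)]*\))? -$")


def classify(line):
    """Return why a log line deserves review, or None if no pattern matches."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    code, body = m.groups()
    if code == "O2" and body.endswith("(no file)"):
        return "BHO registered but its file is missing"
    if code == "O16" and EMPTY_DPF.match(body):
        return "DPF entry with no codebase"
    if code == "O4":
        run = RUN_VALUE.match(body)
        cmd = REGSVR32.match(run.group(2)) if run else None
        if cmd and "\\application data\\" in cmd.group(1).lower():
            # ntpath parses Windows paths regardless of the analyst's OS
            stem = ntpath.splitext(ntpath.basename(cmd.group(1)))[0]
            same = stem.lower() == run.group(1).lower()
            return "Run value calls regsvr32 on a DLL under Application Data" + (
                " (value name equals DLL name)" if same else "")
    return None


def review(log):
    """List (reason, line) for every entry in the log that matches a pattern."""
    return [(reason, line.strip()) for line in log.splitlines()
            if (reason := classify(line))]


def unresolved(before, after):
    """Flagged lines from the earlier log that are still in the later one."""
    remaining = {line.strip() for line in after.splitlines()}
    return [line for _, line in review(before) if line in remaining]


if __name__ == "__main__":
    for reason, line in review(BEFORE):
        print(f"{reason}\n    {line}")
    print("Still present in the later log:")
    for line in unresolved(BEFORE, AFTER):
        print(f"    {line}")
```

A Run value that persists after its target file has been deleted is only a leftover registry entry, which is why the reply above asks for those lines to be fixed in HijackThis once the files are confirmed gone.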
teemu
 
Hello,

ok, lines fixed with HijackThis,
Here is the Antivir report:
AntiVir PersonalEdition Classic
Report file date: dimanche 18 novembre 2007 18:37

Scanning for 835736 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: BM7ACOQIYXN0X1B

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 18 novembre 2007 18:37

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'NAVICL~1.EXE' - '1' Module(s) have been scanned
Scan process 'UStorSrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'naviagent.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
37 processes with 37 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '24' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\uytp.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.69120.5
[INFO] The file was moved to '47b4886b.qua'!

End of the scan: dimanche 18 novembre 2007 19:46
Used time: 1:09:02 min

The scan has been done completely.

7957 Scanning directories
316647 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
316646 Files not concerned
1851 Archives were scanned
1 Warnings
54 Notes

And the latest HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:25:12, on 18/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/md5auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://m6video.m6.fr/1click/install/files/installer2.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
clownface Posts 1490 Status Member 73
 
Your HijackThis report is clean. Are you still having problems?

You still need to update Java: http://www.commentcamarche.net/forum/affich 3711157 maj critique java par jalobservateur#0
teemu
 
Hello,

No more problems, Java update OK.

Thank you very much for your patience and your commitment: well done.