Virus: Instant Messenger Names

Closed
JoOjoO - Jan 3, 2008 at 15:05
cgui33 Posts 1174 Registration date Friday, April 8, 2005 Status Member Last activity April 2, 2009 - Jan 9, 2008 at 20:58
Hello,
I am infected by Instant Messenger Names, a virus that sends a message to all my contacts at the same time on MSN. This blocks MSN Messenger and makes it impossible to use. I should point out that this message contains a link to a site for downloading a piece of software that is in fact this same virus! And that is exactly how I caught it... Anyway, for two days I have been running multiple scans with multiple programs, but the virus is still there! I don't know what to do anymore, so I am asking for your help. Thanks in advance!

47 replies

tristan07 Posts 883 Registration date Tuesday, November 27, 2007 Status Member Last activity September 14, 2012 35
Jan 3, 2008 at 15:29
Run msn.fix; to do so, do everything indicated here: https://www.malekal.com/supprimer-virus-desinfecter-pc/
0
I will now tell you, in order, everything I did:
First I deleted the "Instant Messenger Names" folder in "Program Files";
Then I ran a scan with my antivirus, "McAfee". Result: it told me it had found "Instant Messenger Names" and I deleted it;
After that I ran a scan with "Task Manager" and deleted the dangerous items. I have no report;
I ran a scan with "Ad-Aware 2007" and deleted the detected files. I have no report;
I ran a scan with "CCleaner" and deleted the detected items. Report below;
I scanned my computer with "AVG Anti-Spyware" and deleted the detected items. Report below;
I produced a report with "Hijackthis", below.
0
Sorry, I made a mistake: I don't have a report for "CCleaner", but I have another report from "BitDefender", an online antivirus.
I am copying all the reports below.
0
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 01:40:02 03/01/2008

0

BitDefender Online Scanner

Scan report generated at: Thu, Jan 03, 2008 - 13:46:48
Scan path: C:\;D:\;E:\;

Statistics
Time: 02:36:43
Files: 394250
Folders: 14228
Boot Sectors: 6
Archives: 8204
Packed Files: 18350

Results
Identified Viruses: 5
Infected Files: 10
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 10

Engines Info
Virus Definitions: 885212
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 7
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:12, on 03/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

O18 - Protocol: bw20 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\fswsclds.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OneStep Search Service - Unknown owner - C:\Program Files\OneStepSearch\onestep.exe (file missing)
0
Thanks for your help, tristan07. I'm going to use "msn fix" and I'll see whether the virus is still there or not.
0
tristan07 Posts: 883 Registration date: Tuesday 27 November 2007 Status: Member Last activity: 14 September 2012 35
3 Jan. 2008 at 15:40
Run the scan with msn.fix as I told you.
0
tristan07 Posts: 883 Registration date: Tuesday 27 November 2007 Status: Member Last activity: 14 September 2012 35
3 Jan. 2008 at 15:41
OK, sorry, I hadn't seen the message...
0
I have a problem with "msn fix":
I launch it and everything goes fine. I press the R key and then the Enter key, and nothing happens.
0
tristan07 Posts: 883 Registration date: Tuesday 27 November 2007 Status: Member Last activity: 14 September 2012 35
3 Jan. 2008 at 16:06
Well then, run an online scan with Kaspersky: https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr It takes a while, that's normal.
0
tristan07 Posts: 883 Registration date: Tuesday 27 November 2007 Status: Member Last activity: 14 September 2012 35
3 Jan. 2008 at 16:35
So, any news?
0
cgui33 Posts: 1174 Registration date: Friday 8 April 2005 Status: Member Last activity: 2 April 2009 10
3 Jan. 2008 at 19:02
Hi JoOjoO (and Tristan07)

Download OTMoveIt (by OldTimer). Save it to your Desktop.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe

Next, I think we could do a bit of cleaning up in there (to clear things up!)

Run HijackThis again
Do a system scan only
Check all of these lines (don't get it wrong!) (Hint: all the O18 lines are to be checked!)

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O2 - BHO: (no name) - {59619D5F-5B0F-C2DF-BBB4-C15A5E08769E} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [Microsoft Office] C:\DOCUME~1\joseph\LOCALS~1\Temp\spoolsv.exe
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] windir32.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/platypus/miniclipGameLoader.dll
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/supergerball/miniclipGameLoader.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://media.grab.com/media/35f4a8/games/files/1147/axhost.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {AF0E7C4F-C8EA-4DCC-B7E7-E3E05B96951A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\fswsclds.exe (file missing)
O23 - Service: OneStep Search Service - Unknown owner - C:\Program Files\OneStepSearch\onestep.exe (file missing)

Well... yes, I know that's a lot (but I think we'll be able to get rid of others later!)

Then close all your applications and
click Fix checked

Then launch OTMoveIt
Select the 2 lines below:

C:\DOCUME~1\joseph\LOCALS~1\Temp\spoolsv.exe
C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll

--> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
fais un Clique-droit sur le cadre de gauche puis choisis Coller. (ou Ctrl+V).
Clique maintenant sur MoveIt!

Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES

Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name is its creation date.

Search for windir32.exe on the PC and delete it (if you can!)

And post a new HijackThis log
See you later
0
I can't find the line
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] windir32.exe

Could it be
04 - HKCU\..\Run [ctfmon.exe] C:\WINDOWSsystem32\ctfmon.exe
?
0
cgui33 Posts: 1174 Registration date: Friday 8 April 2005 Status: Member Last activity: 2 April 2009 10
3 Jan. 2008 at 21:59
NO
Do the rest, never mind ... we'll see afterwards!
See you later
0
JoOjoO76 Posts: 15 Registration date: Thursday 3 January 2008 Status: Member Last activity: 5 January 2008
3 Jan. 2008 at 22:36
With "OTMoveIt", I didn't have to restart, but I had to restart after "Fix Checked".

I go to "Start", "Search", "All files and folders", type "windir32.exe", then "Search". "Search is complete. There are no results to display."
0
JoOjoO76 Posts: 15 Registration date: Thursday 3 January 2008 Status: Member Last activity: 5 January 2008
3 Jan. 2008 at 22:38
Report from "OTMoveIt"

File/Folder C:\DOCUME~1\joseph\LOCALS~1\Temp\spoolsv.exe not found.
C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll unregistered successfully.
C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll moved successfully.

Created on 01/03/2008 22:15:58
0
JoOjoO76 Posts: 15 Registration date: Thursday 3 January 2008 Status: Member Last activity: 5 January 2008
3 Jan. 2008 at 22:38
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:33:58, on 03/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\DOCUME~1\khalil\LOCALS~1\Temp\bwgo0000b595.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\WINDOWS\SYSTEM32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02986FR_ZNxdm41465FR
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\fswsclds.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
cgui33 Posts: 1174 Registration date: Friday 8 April 2005 Status: Member Last activity: 2 April 2009 10
3 Jan. 2008 at 23:06
Re,
It's clearer, but ... let's keep going!
Run HijackThis again
Do a system scan only
Check all of these lines

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02986FR_ZNxdm41465FR
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\fswsclds.exe (file missing)

Then close all your applications and
click Fix checked


Next: MSNFix
Download MSNFix.zip (by !aur3n7) to your desktop
http://sosvirus.changelog.fr/MSNFix.zip

Unzip it by right-clicking and choosing "Extract here".
Double-click MSNfix.bat
Choose option R. If the infection is detected, just press any key on the keyboard. You may be asked to restart the PC.
The report is saved in the same folder as MSNfix (date.txt). Copy and paste its contents into your next reply.

------
If a virus is detected, you will then be asked to clean the computer.
An error message saying a file could not be deleted will be resolved by a restart.
After cleaning, the "Start" bar disappears and then reappears; this is part of the cleaning procedure.

If the "Start" bar still does not appear, just press
Ctrl + Alt + Del on Windows XP
to open the Windows Task Manager.

Then choose "File", then "New Task", enter explorer.exe in the window that appears, and click "OK".
Don't forget to restart the computer to finish the cleaning!


And post a new HijackThis log afterwards

See you later
And tell me what is happening on the PC
0
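An added example, not part of the thread and not the helper's own method: a small triage script for the HijackThis log format shown above. It flags the kinds of lines this thread keeps returning to (entries marked "(no file)" or "(file missing)", startup shortcuts shown as "= ?", a Run value with no directory, a process running from a Temp folder). The function names and the four heuristics are assumptions chosen for illustration; a flag marks a line for review, not a verdict.

```python
import re

# Sample lines copied from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\khalil\LOCALS~1\Temp\bwgo0000b595.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] windir32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O23 - Service: OneStep Search Service - Unknown owner - C:\Program Files\OneStepSearch\onestep.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")        # "R3 - ...", "O23 - ..."
RUN_RE = re.compile(r"\\Run(?:Once)?: \[(.*?)\] (.*)$")   # O4 registry Run values
TEMP_RE = re.compile(r"\\temp\\", re.IGNORECASE)

# Hypothetical finding labels used by this example only.
TEMP = "runs from a Temp directory"
MISSING = "entry refers to a file that is not on disk"
UNRESOLVED = "startup shortcut target shown as '?'"
NO_PATH = "Run value has no directory, only a file name"

def parse(log):
    """Split a log into the running-process list and (code, body) entries."""
    processes, entries, in_procs = [], [], False
    for raw in log.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_procs = True
            continue
        m = ENTRY_RE.match(line)
        if m:
            in_procs = False
            entries.append((m.group(1), m.group(2)))
        elif in_procs and line:
            processes.append(line)
    return processes, entries

def triage(log):
    """Return (reason, line) pairs worth a second look, in log order."""
    processes, entries = parse(log)
    findings = [(TEMP, p) for p in processes if TEMP_RE.search(p)]
    for code, body in entries:
        line = f"{code} - {body}"
        run = RUN_RE.search(body) if code == "O4" else None
        if body.endswith(("(file missing)", "(no file)")):
            findings.append((MISSING, line))
        elif code == "O4" and body.endswith("= ?"):
            findings.append((UNRESOLVED, line))
        elif run and "\\" not in run.group(2):
            findings.append((NO_PATH, line))
        elif TEMP_RE.search(body):
            findings.append((TEMP, line))
    return findings

if __name__ == "__main__":
    for reason, line in triage(SAMPLE_LOG):
        print(f"[{reason}] {line}")
```
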
JoOjoO76 Posts: 15 Registration date: Thursday 3 January 2008 Status: Member Last activity: 5 January 2008
3 Jan. 2008 at 23:32
In "MSNFix", when I press "R" and then "Enter", nothing happens.
0