Trojan.win32.obfuscated.gx - Page 3

Solved
noctambule28
 
Show all files and folders:
click Start / Control Panel (in Classic View) / Folder Options / View

[Check] "Show hidden files and folders"

[Uncheck] the "Hide protected operating system files (Recommended)" box

[Uncheck] "Hide extensions for known file types"

Then click [Apply] to confirm the changes.

And [OK]

look for this file and delete it!

C:\WINDOWS\system32\yuwdyonds.exe

----------------------------------------
Open this link to scan your PC with BitDefender online (Internet Explorer only):

https://www.bitdefender.com/toolbox/

Usage:
Click "I accept", then also accept the ActiveX control blocked by the SP2 anti-popup bar that will flash at the top, and install it.
Next, click "Click here to scan".
Wait until the scan finishes, which can take quite a long time...

Copy/paste the entire report to the forum.

Picture tutorial here: http://pageperso.aol.fr/rginformatique/mapage/defender.htm (thanks to Balltrap34 for putting this together)

[Re-check] the "Hide protected operating system files (Recommended)" box

Run HijackThis again and copy/paste a new report to the forum.

See you, this may take a while
emanjamin2002
 
Here are the reports. Yes, it took more than an hour. At the end, I put the selections back in place under OPTION FILES.

BitDefender Online Scanner

Scan report generated at: Tue, Feb 12, 2008 - 15:08:17

Scan path: C:\;D:\;

Statistics

Time: 01:19:23
Files: 281523
Folders: 7384
Boot Sectors: 2
Archives: 10974
Packed Files: 25281

Results

Identified Viruses: 25
Infected Files: 50
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 50

Engines Info

Virus Definitions: 980444
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5

Scan Settings

First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File / Status

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\1050.qit
Detected with: Adware.MSNSkinner.A

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\1050.qit
Deleted

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\204.qit
Detected with: Adware.Zango.SC

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\204.qit
Deleted

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\207.qit
Detected with: Adware.Mywebsearch.I

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\207.qit
Deleted

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\208.qit
Detected with: Adware.Mywebsearch.AQ

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\208.qit
Deleted

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\209.qit
Detected with: Adware.Zango.SC

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\209.qit
Deleted

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\211.qit
Detected with: Adware.Zango.SC

C:\Documents and Settings\Choquet\Application Data\AdwareAlert\Quarantine\11-02-2008-09-22-41\211.qit
Deleted

C:\Program Files\MSN Messenger\msimg32.dll
Detected with: Adware.Mywebsearch.G

C:\Program Files\MSN Messenger\msimg32.dll
Deleted

C:\Program Files\VirusHeat 3.9\VirusHeat 3.9.exe
Detected with: Adware.Spyfalcon.G

C:\Program Files\VirusHeat 3.9\VirusHeat 3.9.exe
Disinfection failed

C:\Program Files\VirusHeat 3.9\VirusHeat 3.9.exe
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097815.exe=>(NSIS o)=>zlib_nsis0001
Detected with: Adware.Hotbar.CR

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097815.exe=>(NSIS o)=>zlib_nsis0001
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097815.exe=>(NSIS o)=>zlib_nsis0001
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097815.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097816.exe=>(NSIS o)=>zlib_nsis0001
Detected with: Adware.Hotbar.CR

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097816.exe=>(NSIS o)=>zlib_nsis0001
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097816.exe=>(NSIS o)=>zlib_nsis0001
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097816.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097817.exe=>(NSIS o)=>zlib_nsis0001
Detected with: Adware.Hotbar.CR

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097817.exe=>(NSIS o)=>zlib_nsis0001
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097817.exe=>(NSIS o)=>zlib_nsis0001
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP558\A0097817.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP586\A0104692.dll
Detected with: Adware.Zango.AN

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP586\A0104692.dll
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP586\A0104692.dll
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP586\A0104699.exe
Detected with: Adware.Zango.SB

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP586\A0104699.exe
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104970.DLL
Detected with: Application.MWS

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104970.DLL
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104970.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104971.DLL
Detected with: Adware.Mywebsearch.AL

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104971.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104973.DLL
Detected with: Adware.MyWebSearch.B

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104973.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104974.DLL
Detected with: Adware.Mywebsearch.AF

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104974.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104975.DLL
Detected with: Adware.Mywebsearch.G

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104975.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104980.DLL
Detected with: Adware.Mywebsearch.G

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104980.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104986.DLL
Detected with: Adware.Mywebsearch.AS

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104986.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104987.DLL
Detected with: Adware.Mywebsearch.G

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104987.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104990.DLL
Detected with: Adware.Mywebsearch.G

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104990.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104991.DLL
Detected with: Adware.Mywebsearch.AA

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104991.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104992.DLL
Detected with: Adware.Toolbar.MyWebSearch.AC

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104992.DLL
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104998.dll
Detected with: Adware.Hotbar.B

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104998.dll
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104998.dll
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104999.dll
Detected with: Adware.Hotbar.B

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104999.dll
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0104999.dll
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0105044.exe
Detected with: Adware.Navipromo.BZC

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0105044.exe
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP589\A0105044.exe
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105081.dll
Detected with: Adware.Zango.AN

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105081.dll
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105081.dll
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105087.dll
Detected with: Adware.Zango.SE

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105087.dll
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105087.dll
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105091.exe=>(NSIS o)=>lzma_solid_nsis0005
Detected with: Adware.Zango.AU

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105091.exe=>(NSIS o)=>lzma_solid_nsis0005
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105091.exe=>(NSIS o)=>lzma_solid_nsis0005
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP590\A0105091.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP592\A0109016.dll
Infected with: Trojan.Downloader.Codec.G

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP592\A0109016.dll
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP592\A0109016.dll
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP596\A0112017.dll
Detected with: Adware.MSNSkinner.A

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP596\A0112017.dll
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP596\A0112018.exe=>(NSIS o)=>lzma_solid_nsis0005
Detected with: Adware.Navipromo.BYH

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP596\A0112018.exe=>(NSIS o)=>lzma_solid_nsis0005
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP596\A0112018.exe=>(NSIS o)=>lzma_solid_nsis0005
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP596\A0112018.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP597\A0114018.dll
Detected with: Adware.Zango.AN

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP597\A0114018.dll
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP597\A0114018.dll
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP597\A0114025.exe
Detected with: Adware.Zango.SB

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP597\A0114025.exe
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP605\A0137039.dll
Detected with: Adware.Mywebsearch.G

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP605\A0137039.dll
Deleted

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP605\A0137040.exe
Detected with: Adware.Spyfalcon.G

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP605\A0137040.exe
Disinfection failed

C:\System Volume Information\_restore{67EFE51A-F497-48AD-8DD5-8EEC54528088}\RP605\A0137040.exe
Deleted

C:\WINDOWS\pk_zip1.log=>(BASE64)=>Details.txt .exe
Infected with: Win32.Netsky.AA@mm

C:\WINDOWS\pk_zip1.log=>(BASE64)=>Details.txt .exe
Deleted

C:\WINDOWS\pk_zip1.log=>(BASE64)
Updated

C:\WINDOWS\pk_zip1.log
Update failed

C:\WINDOWS\pk_zip2.log=>(BASE64)=>Notice.txt .exe
Infected with: Win32.Netsky.AA@mm

C:\WINDOWS\pk_zip2.log=>(BASE64)=>Notice.txt .exe
Deleted

C:\WINDOWS\pk_zip2.log=>(BASE64)
Updated

C:\WINDOWS\pk_zip2.log
Update failed

C:\WINDOWS\pk_zip3.log=>(BASE64)=>Important.txt .exe
Infected with: Win32.Netsky.AA@mm

C:\WINDOWS\pk_zip3.log=>(BASE64)=>Important.txt .exe
Deleted

C:\WINDOWS\pk_zip3.log=>(BASE64)
Updated

C:\WINDOWS\pk_zip3.log
Update failed

C:\WINDOWS\pk_zip4.log=>(BASE64)=>Bill.txt .exe
Infected with: Win32.Netsky.AA@mm

C:\WINDOWS\pk_zip4.log=>(BASE64)=>Bill.txt .exe
Deleted

C:\WINDOWS\pk_zip4.log=>(BASE64)
Updated

C:\WINDOWS\pk_zip4.log
Update failed

C:\WINDOWS\pk_zip5.log=>(BASE64)=>Data.txt .exe
Infected with: Win32.Netsky.AA@mm

C:\WINDOWS\pk_zip5.log=>(BASE64)=>Data.txt .exe
Deleted

C:\WINDOWS\pk_zip5.log=>(BASE64)
Updated

C:\WINDOWS\pk_zip5.log
Update failed

C:\WINDOWS\pk_zip6.log=>(BASE64)=>Part-2.txt .exe
Infected with: Win32.Netsky.AA@mm

C:\WINDOWS\pk_zip6.log=>(BASE64)=>Part-2.txt .exe
Deleted

C:\WINDOWS\pk_zip6.log=>(BASE64)
Updated

C:\WINDOWS\pk_zip6.log
Update failed

C:\WINDOWS\pk_zip7.log=>(BASE64)=>Textfile.txt .exe
Infected with: Win32.Netsky.AA@mm

C:\WINDOWS\pk_zip7.log=>(BASE64)=>Textfile.txt .exe
Deleted

C:\WINDOWS\pk_zip7.log=>(BASE64)
Updated

C:\WINDOWS\pk_zip7.log
Update failed

C:\WINDOWS\pk_zip8.log=>(BASE64)=>Informations.txt .exe
Infected with: Win32.Netsky.AA@mm

C:\WINDOWS\pk_zip8.log=>(BASE64)=>Informations.txt .exe
Deleted

C:\WINDOWS\pk_zip8.log=>(BASE64)
Updated

C:\WINDOWS\pk_zip8.log
Update failed

C:\WINDOWS\system32\cbqozc.exe
Detected with: Adware.Navipromo.BZC

C:\WINDOWS\system32\cbqozc.exe
Disinfection failed

C:\WINDOWS\system32\cbqozc.exe
Deleted

C:\WINDOWS\system32\exavejrpf.exe
Detected with: Adware.Navipromo.BYT

C:\WINDOWS\system32\exavejrpf.exe
Disinfection failed

C:\WINDOWS\system32\exavejrpf.exe
Deleted

C:\WINDOWS\system32\gmftuax.exe
Detected with: Adware.Navipromo.BYZ

C:\WINDOWS\system32\gmftuax.exe
Disinfection failed

C:\WINDOWS\system32\gmftuax.exe
Deleted

C:\WINDOWS\system32\graxpza.exe
Detected with: Adware.Navipromo.BZC

C:\WINDOWS\system32\graxpza.exe
Disinfection failed

C:\WINDOWS\system32\graxpza.exe
Deleted

C:\WINDOWS\system32\vzomunnfnm.exe
Detected with: Adware.Navipromo.BZC

C:\WINDOWS\system32\vzomunnfnm.exe
Disinfection failed

C:\WINDOWS\system32\vzomunnfnm.exe
Deleted

HIJACKTHIS REPORT:
--------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:29, on 2008-02-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\MMTray.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kiwee Toolbar2\1.2.116\kwtbaim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Sysem Player - {861EA552-6309-490A-AC97-1F574E730CF1} - C:\WINDOWS\sysvol32.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-ABCD-7DD20B862223} - C:\Program Files\Helper\1202692834.dll (file missing)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
O3 - Toolbar: Web Application - {81705D67-3F73-4983-859B-97D0922E5ABE} - C:\Program Files\NetProject\wamdl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.2.116\kwtbaim.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BackupNotify] C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1c674015c91a44aba22c729f8d68bc75
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1c674015c91a44aba22c729f8d68bc75
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: didact - {747e1fbe-b70f-441d-bbca-6e536c04924a} - C:\WINDOWS\system32\wuuawkz.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett Packard Company - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
0
noctambule28 Posts 25275 Registration date   Status Webmaster Last activity   2 874
 
Back up your registry before doing the steps below.

* Download ERUNT

https://www.zebulon.fr/telechargements/utilitaires/systeme-utilitaires/erunt.html
Tutorial:
http://pageperso.aol.fr/loraline60/tuto_erunt.htm

Then

Select the following text (in bold):

file::

C:\Program Files\VirusHeat 3.9
C:\Program Files\NetProject
C:\Program Files\AdwareAlert

registry::

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler ]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"=-
"AdwareAlert"=-


* Copy the selected text (CTRL+C).
* Open Notepad (Programs > Accessories > Notepad).
* Paste the copied text into Notepad (CTRL+V).
* Save this file under the name CFScript.txt
* Drag and drop this CFScript file onto the ComboFix.exe file.
* A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 and confirm.
* Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: post its contents.
* If the file does not open, it is located here > C:\ComboFix.txt
0
emanjamin2002
 
Good evening,
I have not yet carried out the instructions because you tell me to select the following text (in bold), and then there is file : c:/.... and then later Registry : ..........

Should I include everything, including file :...... and registry ...., or only the text after Registry?

I am asking because bold characters do not show in the email, so I do not want to make a mistake. Please confirm the instructions.

Emmanuel
0

noctambule28 Posts 25275 Registration date   Status Webmaster Last activity   2 874
 
Be careful with the emails; sometimes there can be changes to the post (an edit to add or remove something).

So it is advisable to come and look on the forum.

Select what is between the * lines, but not the * themselves.

*****************************************
file::

C:\Program Files\VirusHeat 3.9
C:\Program Files\NetProject
C:\Program Files\AdwareAlert

registry::

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler ]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"=-
"AdwareAlert"=-
*******************************

There you go.
0
emanjamin2002
 
I hope everything is correct. I could not find ComboFix.exe. I have the ComboFix folder but without the exe. The first time I ran ComboFix, the computer had started it by itself, so I did the same thing, and when the window opened I put the Notepad file with the name you had asked for into it, and Notepad opened.

Here is the report

ComboFix 08-02-13.1 - Choquet 2008-02-12 21:25:25.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.133 [GMT 1:00]
Endroit: C:\Documents and Settings\Choquet\Local Settings\Temporary Internet Files\Content.IE5\6P48OMVH\ComboFix[1].exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\Choquet\Application Data\DriveCleaner 2006 Free
C:\Documents and Settings\Choquet\Application Data\DriveCleaner 2006 Free\Logs\update.log
C:\Documents and Settings\Choquet\err.log
C:\Documents and Settings\Choquet\ravmonlog
C:\Program Files\Fichiers communs\{3E852~1
C:\Program Files\Fichiers communs\{7E852~1
C:\WINDOWS\system32\cikgdmvnc_navfx.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_COM+_MESSAGES

((((((((((((((((((((((((((((( Fichiers créés 2008-01-13 to 2008-02-13 ))))))))))))))))))))))))))))))))))))
.

2008-02-12 20:53 . 2008-02-12 21:00 <REP> d-------- C:\Program Files\ERUNT
2008-02-12 13:47 . 2008-02-12 13:47 <REP> d-------- C:\WINDOWS\LastGood
2008-02-12 13:47 . 2008-02-12 15:24 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-02-12 11:08 . 2008-02-12 11:11 <REP> d-------- C:\Documents and Settings\Choquet\Application Data\LinkedIn
2008-02-12 11:07 . 2008-02-12 11:07 <REP> d-------- C:\Program Files\LinkedIn
2008-02-11 11:41 . 2004-12-08 17:27 32,123 --a------ C:\WINDOWS\system32\drivers\Capt905c.sys
2008-02-11 11:41 . 2004-05-07 15:31 24,382 --a------ C:\WINDOWS\system32\drivers\Camd905c.sys
2008-02-11 02:20 . 2008-02-12 14:34 <REP> d-------- C:\Program Files\VirusHeat 3.9
2008-02-11 02:20 . 2008-02-11 02:20 <REP> d-------- C:\Program Files\NetProject
2008-02-10 19:54 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-02-10 19:54 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-02-10 19:54 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-02-10 08:36 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-10 07:47 . 2008-02-10 07:47 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-02-09 21:25 . 2008-02-09 21:25 559,965 --a------ C:\Navilog1.exe
2008-02-09 21:24 . 2008-02-10 08:37 <REP> d-------- C:\Program Files\Navilog1
2008-02-09 13:56 . 2008-02-09 14:04 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-02-09 13:54 . 2008-02-09 13:54 <REP> d-------- C:\Program Files\Windows Live
2008-02-09 13:54 . 2008-02-09 13:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-09 13:50 . 2008-02-09 13:50 <REP> d-------- C:\Program Files\Kiwee Toolbar2
2008-02-09 13:50 . 2008-02-09 13:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kiwee Toolbar2
2008-02-09 09:51 . 2008-02-09 10:11 6,280 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-09 09:15 . 2008-02-09 09:15 <REP> d-------- C:\Program Files\Trend Micro
2008-02-09 01:50 . 2008-02-09 23:43 <REP> d-------- C:\Program Files\Enigma Software Group
2008-02-08 21:13 . 2008-02-06 17:45 19,696 --a------ C:\WINDOWS\system32\drivers\adwarealert.sys
2008-02-08 20:47 . 2008-02-11 02:22 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-08 20:43 . 2008-02-12 00:20 <REP> d-------- C:\Documents and Settings\Choquet\Application Data\AdwareAlert
2008-02-08 20:42 . 2008-02-12 00:20 <REP> d-------- C:\Program Files\AdwareAlert
2008-02-08 18:54 . 2008-02-08 18:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-08 18:53 . 2008-02-08 18:53 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-08 15:38 . 2008-02-08 15:38 <REP> d-------- C:\Documents and Settings\Choquet\Application Data\Grisoft
2008-02-08 15:38 . 2008-02-08 15:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-08 15:38 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-08 15:04 . 2008-02-08 15:04 50 --a------ C:\tmp.bat
2008-02-04 16:17 . 2008-02-04 16:17 0 --a------ C:\WINDOWS\graphedit.INI
2008-02-04 16:10 . 2003-05-03 13:01 61,555 --a------ C:\WINDOWS\system32\jpicpl32.cpl
2008-02-04 15:08 . 2003-04-24 02:00 2 ---hs---- C:\desktop.ini
2008-02-04 14:59 . 2008-02-04 14:59 40 --a------ C:\Auth.prof
2008-01-31 15:20 . 2008-01-31 17:47 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-31 15:20 . 2008-01-31 15:20 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-12 13:31 --------- d-----r C:\Program Files\MSN Messenger
2008-02-12 07:57 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-02-11 10:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-10 23:12 --------- d-----r C:\Program Files\Yahoo!
2008-02-10 23:12 --------- d-----r C:\Program Files\Random House, Inc
2008-02-10 23:12 --------- d-----r C:\Program Files\phelios
2008-02-10 23:12 --------- d-----r C:\Program Files\Logitech
2008-02-10 23:12 --------- d-----r C:\Program Files\HPQ
2008-02-10 23:12 --------- d-----r C:\Program Files\HP
2008-02-10 23:12 --------- d-----r C:\Program Files\Google
2008-02-10 23:12 --------- d-----r C:\Program Files\Ganymede
2008-02-10 23:12 --------- d-----r C:\Program Files\Easy Internet signup
2008-02-10 21:18 13,312 --s-a-w C:\WINDOWS\system32\wuuawkz.dll
2008-02-10 21:17 --------- d-----w C:\Program Files\Overland
2008-02-10 00:53 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-02-08 22:11 --------- d-----w C:\Program Files\iTunes
2008-02-08 17:56 --------- d-----w C:\Program Files\Lavasoft
2008-02-08 17:56 --------- d-----w C:\Documents and Settings\Choquet\Application Data\Lavasoft
2008-02-08 15:24 --------- d-----w C:\Program Files\WordBiz
2008-02-08 15:24 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-08 15:24 --------- d-----w C:\Program Files\Wanadoo
2008-02-08 15:24 --------- d-----w C:\Program Files\Virtools Web Player 3.5
2008-02-08 15:23 --------- d-----w C:\Program Files\VideoLAN
2008-02-08 15:23 --------- d-----w C:\Program Files\TLI
2008-02-08 15:23 --------- d-----w C:\Program Files\Synaptics
2008-02-08 15:23 --------- d-----w C:\Program Files\Symantec
2008-02-08 15:23 --------- d-----w C:\Program Files\Superball Arcade
2008-02-08 15:23 --------- d-----w C:\Program Files\Star Ball
2008-02-08 15:23 --------- d-----w C:\Program Files\Sony Corporation
2008-02-08 15:23 --------- d-----w C:\Program Files\Sonic
2008-02-08 15:23 --------- d-----w C:\Program Files\Securitoo
2008-02-08 15:23 --------- d-----w C:\Program Files\Redoubt
2008-02-08 15:23 --------- d-----w C:\Program Files\RecordNow!
2008-02-08 15:23 --------- d-----r C:\Program Files\Services en ligne
2008-02-08 15:22 --------- d-----w C:\Program Files\Real
2008-02-08 15:22 --------- d-----w C:\Program Files\QuickTime
2008-02-08 15:22 --------- d-----w C:\Program Files\quickmov
2008-02-08 15:22 --------- d-----w C:\Program Files\PC Camera
2008-02-08 15:22 --------- d-----w C:\Program Files\Norton AntiVirus
2008-02-08 15:22 --------- d-----w C:\Program Files\Neuf
2008-02-08 15:22 --------- d-----w C:\Program Files\NEC
2008-02-08 15:22 --------- d-----w C:\Program Files\Music Mixer 4
2008-02-08 15:22 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-08 15:21 --------- d-----w C:\Program Files\Microsoft Works
2008-02-08 15:20 --------- d-----w C:\Program Files\Microsoft Encarta
2008-02-08 15:20 --------- d-----w C:\Program Files\Micro Application
2008-02-08 15:20 --------- d-----w C:\Program Files\Ludiclub
2008-02-08 15:20 --------- d-----r C:\Program Files\microsoft frontpage
2008-02-08 15:19 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-02-08 15:19 --------- d-----w C:\Program Files\Java
2008-02-08 15:19 --------- d-----w C:\Program Files\iPod
2008-02-08 15:18 --------- d-----w C:\Program Files\InterVideo
2008-02-08 15:18 --------- d-----w C:\Program Files\InterActual
2008-02-08 15:18 --------- d-----w C:\Program Files\Intel
2008-02-08 15:18 --------- d-----w C:\Program Files\IncrediMail
2008-02-08 15:15 --------- d-----r C:\Program Files\Hits Collection
2008-02-08 15:15 --------- d-----r C:\Program Files\Hewlett-Packard
2008-02-08 15:13 --------- d-----w C:\Program Files\EACOM
2008-02-08 15:13 --------- d-----w C:\Program Files\EA SPORTS
2008-02-08 15:13 --------- d-----w C:\Program Files\DivX
2008-02-08 15:13 --------- d-----w C:\Program Files\Disney Interactive
2008-02-08 15:13 --------- d-----w C:\Program Files\CONEXANT
2008-02-08 15:13 --------- d-----w C:\Program Files\Common Files
2008-02-08 15:12 --------- d-----w C:\Program Files\Canon
2008-02-08 15:12 --------- d-----w C:\Program Files\Bunny Blast Demo
2008-02-08 15:12 --------- d-----w C:\Program Files\Brave Dwarves - Back For Treasures Demo
2008-02-08 15:12 --------- d-----w C:\Program Files\AtomixMP3
2008-02-08 15:12 --------- d-----w C:\Program Files\Arturia
2008-02-08 15:12 --------- d-----w C:\Program Files\Arcade Lines
2008-02-08 15:12 --------- d-----w C:\Program Files\Apple Software Update
2008-02-08 15:12 --------- d-----r C:\Program Files\BongoBoogie
2008-02-08 15:12 --------- d-----r C:\Program Files\BearShare Applications
2008-02-08 15:11 --------- d-----w C:\Program Files\Alwil Software
2008-02-08 15:11 --------- d-----w C:\Program Files\Alawar
2008-02-08 15:11 --------- d-----r C:\Program Files\AirHockey 3D
2008-02-08 15:11 --------- d-----r C:\Program Files\ACE Mega CoDecS Pack
2008-02-08 15:10 --------- d-----w C:\Program Files\Absolutist.com
2008-02-04 15:34 --------- d-----w C:\Program Files\eMule
2008-01-09 14:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2008-01-06 17:58 --------- d-----w C:\Program Files\Fichiers communs\Novell Shared
2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2007-12-01 14:46 286,208 -c--a-w C:\WINDOWS\system32\zdsbjnbw.exe
2007-11-28 07:39 298,496 -c--a-w C:\WINDOWS\system32\mmdbolua.exe
2007-11-24 18:11 160,968 -c--a-w C:\WINDOWS\system32\okilgxi.exe
2007-09-11 11:24 560 -c--a-w C:\Documents and Settings\Choquet\Application Data\ViewerApp.dat
2006-09-05 11:28 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2005-02-18 08:01 47,776 -c--a-w C:\Documents and Settings\Choquet\Application Data\GDIPFONTCACHEV1.DAT
2003-04-24 01:00 2 --sh--w C:\Program Files\Fichiers communs\desktop.ini
2003-04-24 01:00 2 --sh--w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2008-01-24 16:09 248976 --a------ C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{861EA552-6309-490A-AC97-1F574E730CF1}]
C:\WINDOWS\sysvol32.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F10587E9-0E47-4CBE-ABCD-7DD20B862223}]
C:\Program Files\Helper\1202692834.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
{81705D67-3F73-4983-859B-97D0922E5ABE}

[HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

[HKEY_CLASSES_ROOT\clsid\{81705d67-3f73-4983-859b-97d0922e5abe}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll [2008-01-24 16:09 248976]

[HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
"BackupNotify"="C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2004-01-08 19:34 32768]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-12-14 10:39 36864]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 20:45 1211176]
"AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [2008-02-07 19:52 6386928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-10-30 09:46 155648]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-10-30 09:33 118784]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [ ]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 00:01 110592]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-26 18:15 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-26 18:15 536576]
"CamMonitor"="C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe" [2002-10-06 23:23 90112]
"Share-to-Web Namespace Daemon"="C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 09:42 69632]
"HPHUPD05"="c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [ ]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2003-05-22 18:56 483328]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-04-30 10:32 208958]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-04-30 13:50 274432]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 13:54 241664]
"DXM6Patch_981116"="C:\WINDOWS\p_981116.exe" [1998-11-30 18:04 497376]
"MMTray"="MMTray.exe" [2003-03-25 06:49 53248 C:\WINDOWS\system32\MMTray.exe]
"MMTray2K"="MMTray2k.exe" [2003-03-25 06:49 57344 C:\WINDOWS\system32\MMTray2k.exe]
"MMTrayLSI"="MMTrayLSI.exe" [2003-03-25 06:49 53248 C:\WINDOWS\system32\MMTrayLSI.exe]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-09-14 19:24 180269]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11 49152]
"LVCOMSX"="C:\WINDOWS\System32\LVCOMSX.EXE" [2005-12-09 15:32 225280]
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [2005-12-07 10:26 489472]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [2005-12-07 10:33 73728]
"LogitechCameraService(E)"="C:\WINDOWS\System32\ElkCtrl.exe" [2004-11-01 17:22 262144]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06 40048]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"Tweak UI"="TWEAKUI.CPL" [2003-03-25 06:49 106544 C:\WINDOWS\system32\tweakui.cpl]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-02 15:24 257088]
"KiweeHook"="C:\Program Files\Kiwee Toolbar2\1.2.116\kwtbaim.exe" [2008-01-24 16:08 48264]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2005-04-25 13:45 36040]

C:\Documents and Settings\Choquet\Menu Démarrer\Programmes\Démarrage\
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE [2005-10-20 12:04:08 38912]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-05-28 23:06:36 53248]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 22:31:38 241664]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-12-14 10:39:35 196608]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
Picture Package Menu.lnk - C:\Documents and Settings\Choquet\Mes documents\Picture Package Menu\SonyTray.exe [2004-12-26 02:32:15 151552]
Picture Package VCD Maker.lnk - C:\Documents and Settings\Choquet\Mes documents\Picture Package Applications\Residence.exe [2004-12-26 02:32:10 106496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{747e1fbe-b70f-441d-bbca-6e536c04924a}"= C:\WINDOWS\system32\wuuawkz.dll [2008-02-10 22:18 13312]

R0 adwarealert;adwarealert;C:\WINDOWS\system32\DRIVERS\adwarealert.sys [2008-02-06 17:45]
R3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 15:37]
S3 archbus;NEC WMC USB_BJ1 Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\archbus.sys [2005-08-30 12:17]
S3 archmdm;NEC WMC USB_BJ1 Port Drivers;C:\WINDOWS\system32\DRIVERS\archmdm.sys [2005-08-30 12:17]
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 18:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 18:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 18:11]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 18:13]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 18:15]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys []
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{077ca9fe-a4a4-11dc-b86c-00c09f57acb0}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-11 23:19:18 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job"
- C:\Program Files\AdwareAlert\AdwareAlert.exe
- C:\Program Files\AdwareAlert
"2008-02-01 08:19:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-12 20:20:06 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-13 21:33:03
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????6?9?4?8??p???? ???B???????????????B? ??????

Balayage des fichiers cachés ...

**************************************************************************
.
Temps d'accomplissement: 2008-02-13 21:38:50
ComboFix-quarantined-files.txt 2008-02-13 20:37:45
.
2008-02-12 07:59:47 --- E O F ---
0
noctambule28 Posts 25275 Registration date   Status Webmaster Last activity   2 874
 
OK.
I am going to need a bit more time to answer you on this one, so see you later.
0
emanjamin2002
 
Hello,
I did receive your message yesterday, so I am waiting for your instructions.

Thank you,
Emmanuel
0
noctambule28 Posts 25275 Registration date   Status Webmaster Last activity   2 874
 
Sorry, something personal came up yesterday.

I am only just getting home; I will post the next steps for you as soon as possible.
0
noctambule28 Posts 25275 Registration date   Status Webmaster Last activity   2 874
 
Sorry again.

Download this (by Moe):

http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe

Double-click Lopxpsetup.exe to start the installation.
At the menu, choose option 1.
Wait until you are asked to press a key, then press one!
A report will then be created; copy/paste it in full on the forum.

And another HijackThis report.
See you later
0
emanjamin2002
 
Thank you very much.

Here are the reports:

# Rapport Lopxp fait le Fri 02/15/2008 à 17:50:01
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.06 - Maj du 05/02/2008

Killing 'iexplore.exe'
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" (5976)

========== Listing des dossiers Application Data

+- C:\Documents and Settings\All Users\Application Data

2007-08-03 à 07:43:52 - Adobe
2007-01-10 à 14:49:51 - Apple Computer
2006-11-13 à 12:10:41 - avg7
2007-01-14 à 13:20:42 - Google
2008-02-08 à 14:38:04 - Grisoft
2005-01-16 à 11:41:59 - Hewlett-Packard
2003-05-03 à 13:38:12 - hpqwmi
2008-02-09 à 12:55:05 - Kiwee Toolbar2
2008-02-08 à 17:56:52 - Lavasoft
2008-02-11 à 02:09:13 - Microsoft
2004-12-26 à 03:26:52 - MSN6
2008-02-13 à 23:53:23 - MumboJumbo
2005-02-17 à 10:22:41 - QuickTime
2003-05-03 à 18:49:35 - SBSI
2006-11-10 à 13:36:00 - Symantec
2008-02-11 à 01:22:49 - TEMP
2008-02-13 à 23:50:03 - Trymedia
2006-12-03 à 13:03:35 - Windows Genuine Advantage
2006-09-06 à 13:44:32 - Windows Live Toolbar
2008-02-09 à 12:54:04 - WLInstaller
2007-11-11 à 08:44:57 - Yahoo!
2008-02-14 à 00:19:51 - Yahoo! Companion
2007-11-29 à 09:21:08 - ZoomBrowser

+- C:\Documents and Settings\Choquet\Application Data

2005-02-13 à 08:41:34 - Absolutist.com
2008-02-08 à 09:54:19 - Adobe
2004-12-26 à 15:13:02 - AdobeUM
2008-02-11 à 23:20:38 - AdwareAlert
2004-12-26 à 02:20:55 - Apple Computer
2006-11-13 à 09:25:44 - AVG7
2005-05-31 à 09:22:42 - Common Files
2006-12-17 à 15:19:37 - DivX
2003-05-03 à 13:32:11 - Dossier de téléchargement Share-to-Web
2006-09-16 à 07:22:54 - Google
2008-02-08 à 14:38:23 - Grisoft
2004-12-26 à 03:06:45 - Help
2005-05-31 à 09:22:09 - HP
2003-05-03 à 18:49:36 - Identities
2004-12-26 à 01:55:38 - InterVideo
2008-02-08 à 17:56:10 - Lavasoft
2006-01-04 à 13:04:59 - Leadertech
2008-02-12 à 10:11:47 - LinkedIn
2007-01-02 à 16:05:59 - Macromedia
2005-01-10 à 16:46:51 - Magix
2007-01-29 à 14:54:25 - Media Player Classic
2008-01-13 à 08:41:31 - Microsoft
2006-12-17 à 15:20:31 - Mozilla
2006-09-05 à 13:22:48 - MSN6
2006-09-14 à 18:28:56 - Real
2004-12-27 à 14:56:11 - Sonic
2003-05-03 à 12:01:47 - Sun
2003-05-03 à 13:20:08 - Symantec
2007-01-26 à 16:05:10 - Talkback
2005-01-26 à 17:35:36 - Template
2006-12-03 à 13:11:13 - vlc
2008-02-14 à 00:19:51 - Yahoo!
2007-11-29 à 09:21:20 - ZoomBrowser EX

+- C:\Documents and Settings\Choquet\Local Settings\Application Data

2008-02-12 à 20:15:10 - Adobe
2006-09-10 à 11:53:05 - Apple Computer
2008-02-14 à 08:38:35 - ApplicationHistory
2006-09-16 à 07:21:42 - Google
2004-12-26 à 03:06:45 - Help
2004-12-26 à 01:38:16 - HP
2007-09-21 à 16:31:25 - IM
2004-12-26 à 01:38:18 - IsolatedStorage
2008-02-09 à 12:52:13 - Kiwee Toolbar2
2008-02-15 à 14:14:24 - Microsoft
2005-01-24 à 16:49:05 - MicroVision Applications
2006-12-17 à 15:20:31 - Mozilla
2005-02-18 à 11:04:14 - WMTools Downloaded Files
2003-05-03 à 12:01:05 - {7148F0A6-6813-11D6-A77B-00B0D0142030}

========== Listing du dossier Program Files

+- C:\Program Files

2008-02-08 à 15:10:57 - Absolutist.com
2008-02-08 à 15:11:00 - ACE Mega CoDecS Pack
2008-02-08 à 15:11:18 - Adobe
2008-02-11 à 23:20:38 - AdwareAlert
2008-02-08 à 15:11:55 - AirHockey 3D
2008-02-08 à 15:11:55 - Alawar
2008-02-08 à 15:11:55 - Alwil Software
2008-02-08 à 15:12:07 - Apple Software Update
2008-02-08 à 15:12:08 - Arcade Lines
2008-02-08 à 15:12:12 - Arturia
2008-02-08 à 15:12:28 - AtomixMP3
2008-02-08 à 15:12:30 - BearShare Applications
2008-02-08 à 15:12:30 - BongoBoogie
2008-02-08 à 15:12:31 - Brave Dwarves - Back For Treasures Demo
2008-02-08 à 15:12:31 - Bunny Blast Demo
2008-02-08 à 15:12:52 - Canon
2008-02-08 à 15:13:10 - Common Files
2008-02-08 à 15:13:11 - ComPlus Applications
2008-02-08 à 15:13:11 - CONEXANT
2008-02-08 à 15:13:12 - Disney Interactive
2008-02-08 à 15:13:20 - DivX
2008-02-08 à 15:13:21 - EA SPORTS
2008-02-08 à 15:13:41 - EACOM
2008-02-10 à 23:12:51 - Easy Internet signup
2008-02-04 à 15:34:16 - eMule
2008-02-09 à 22:43:24 - Enigma Software Group
2008-02-12 à 20:00:44 - ERUNT
2008-02-12 à 11:07:04 - Fichiers communs
2008-02-15 à 12:15:57 - Football Championship Screensaver
2008-02-10 à 23:12:51 - Ganymede
2008-02-10 à 23:12:51 - Google
2008-02-08 à 14:37:57 - Grisoft
2008-02-08 à 15:15:14 - Hewlett-Packard
2008-02-08 à 15:15:21 - Hits Collection
2008-02-10 à 23:12:52 - HP
2008-02-10 à 23:12:52 - HPQ
2008-02-08 à 15:18:00 - IncrediMail
2008-02-11 à 10:41:06 - InstallShield Installation Information
2008-02-08 à 15:18:06 - Intel
2008-02-08 à 15:18:11 - InterActual
2008-02-14 à 08:34:55 - Internet Explorer
2008-02-08 à 15:18:23 - InterVideo
2008-02-08 à 15:19:16 - iPod
2008-02-08 à 22:11:41 - iTunes
2008-02-08 à 15:19:47 - Java
2008-02-08 à 15:19:52 - K-Lite Codec Pack
2008-02-09 à 12:50:11 - Kiwee Toolbar2
2008-02-08 à 17:56:12 - Lavasoft
2008-02-12 à 10:07:58 - LinkedIn
2008-02-10 à 23:12:53 - Logitech
2008-02-15 à 16:50:07 - Lopxp
2008-02-08 à 15:20:18 - Ludiclub
2008-02-10 à 23:12:53 - Messenger
2008-02-08 à 15:20:32 - Micro Application
2008-02-12 à 07:57:40 - Microsoft ActiveSync
2008-02-10 à 06:47:04 - Microsoft CAPICOM 2.1.0.2
2008-02-08 à 15:20:37 - Microsoft Encarta
2008-02-08 à 15:20:38 - microsoft frontpage
2008-02-08 à 15:20:44 - Microsoft Office
2008-02-08 à 15:21:36 - Microsoft Works
2008-02-08 à 15:21:46 - Movie Maker
2008-02-08 à 15:21:52 - Mozilla Firefox
2008-02-08 à 15:21:56 - MSN
2008-02-10 à 23:12:53 - MSN Gaming Zone
2008-02-12 à 13:31:19 - MSN Messenger
2008-02-08 à 15:22:06 - MSXML 4.0
2008-02-08 à 15:22:06 - Music Mixer 4
2008-02-10 à 07:37:20 - Navilog1
2008-02-08 à 15:22:13 - NEC
2008-02-10 à 23:12:53 - NetMeeting
2008-02-14 à 07:36:36 - NetProject
2008-02-08 à 15:22:21 - Neuf
2008-02-08 à 15:22:21 - Norton AntiVirus
2008-02-08 à 15:22:22 - Outlook Express
2008-02-10 à 21:17:28 - Overland
2008-02-08 à 15:22:27 - PC Camera
2008-02-10 à 23:12:55 - phelios
2008-02-08 à 15:22:30 - quickmov
2008-02-08 à 15:22:57 - QuickTime
2008-02-10 à 23:12:53 - Random House, Inc
2008-02-08 à 15:22:59 - Real
2008-02-08 à 15:23:18 - RecordNow!
2008-02-08 à 15:23:20 - Redoubt
2008-02-08 à 15:23:23 - Securitoo
2008-02-08 à 15:23:36 - Services en ligne
2008-02-08 à 15:23:42 - Sonic
2008-02-08 à 15:23:43 - Sony Corporation
2008-02-08 à 15:23:43 - Star Ball
2008-02-08 à 15:23:45 - Superball Arcade
2008-02-08 à 15:23:46 - Symantec
2008-02-08 à 15:23:46 - Synaptics
2008-02-08 à 15:23:57 - TLI
2008-02-09 à 08:15:48 - Trend Micro
2008-02-08 à 15:23:58 - Uninstall Information
2008-02-08 à 15:23:58 - VideoLAN
2008-02-08 à 15:24:01 - Virtools Web Player 3.5
2008-02-12 à 13:34:15 - VirusHeat 3.9
2008-02-08 à 15:24:04 - Wanadoo
2008-02-09 à 12:54:56 - Windows Live
2008-02-10 à 00:53:01 - Windows Live Toolbar
2008-02-08 à 15:24:07 - Windows Media Connect 2
2008-02-08 à 15:24:13 - Windows Media Player
2008-02-08 à 15:24:15 - Windows NT
2008-02-08 à 15:24:15 - WindowsUpdate
2008-02-08 à 15:24:16 - WordBiz
2008-02-08 à 15:24:16 - xerox
2008-02-13 à 23:52:13 - Yahoo!
2008-02-13 à 23:51:35 - Yahoo! Games

========== Tâches planifiées

AdwareAlert Scheduled Scan.job: C:\Program Files\AdwareAlert\AdwareAlert.exe scheduled
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -Task -disabled
Vérifier les mises à jour de Windows Live Toolbar.job: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE

========== Clés registre

========== Bloqueur popups Internet Explorer

www.meteofrance.fr
www.top20free.com
*.securewebinfo.com
*.safetyincludes.com
*.securemanaging.com
PopupMgr

========== Suggestion ( /!\ Nécessite une interprétation.) ==========

+- Dossiers\Fichiers : Aucune suggestion.

+- Registre : Aucune suggestion.

- Fin du rapport -

--------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:52:51 PM, on 2/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\MMTray.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kiwee Toolbar2\1.2.116\kwtbaim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Documents and Settings\Choquet\Mes documents\Picture Package Menu\SonyTray.exe
C:\Documents and Settings\Choquet\Mes documents\Picture Package Applications\Residence.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Sysem Player - {861EA552-6309-490A-AC97-1F574E730CF1} - C:\WINDOWS\sysvol32.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-ABCD-7DD20B862223} - C:\Program Files\Helper\1202692834.dll (file missing)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.2.116\kwtbaim.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BackupNotify] C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1c674015c91a44aba22c729f8d68bc75
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1c674015c91a44aba22c729f8d68bc75
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: didact - {747e1fbe-b70f-441d-bbca-6e536c04924a} - C:\WINDOWS\system32\wuuawkz.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett Packard Company - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
0
noctambule28 Posts: 25275 Status: Webmaster
 
hi

Download SDFix (created by AndyManchesta) and save it to your Desktop.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop. Restart your computer in Safe Mode by following this procedure:
• Restart your computer
• After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
• Instead of the normal Windows startup, a menu with several options should appear.
• Choose the first option, to run Windows in Safe Mode, then press "Enter".
• Choose your account.
Go through the list of instructions below:
• Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.cmd to launch the script.
• Press Y to start the cleaning process.
• It will remove the services and Registry entries of certain trojans found, then ask you to press a key to reboot.
• Press a key to restart the PC.
• Your system will take longer than usual to restart because the tool will keep running and deleting files.
• After the Desktop loads, the tool will finish its work and display Finished.
• Press a key to end the script and load your Desktop icons.
• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
• Finally, copy/paste the contents of Report.txt into your next reply on the forum, along with a new HijackThis log!
0
emanjamin2002
 
Here are the results:

SDFix: Version 1.142

Run by Choquet on Fri 02/15/2008 at 06:35 PM

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Choquet\Bureau\SDFix

Safe Mode:
Checking Services:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\QTWMCI32.DLL - Deleted

Removing Temp Files...

ADS Check:

Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-15 18:46:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
""!A?n?n?a?L?i?s?a?F?o?n?t?7?1? ?t?t?e?x?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\WordGame.ttf"
""!P?r?e?s?t?o?n?S?c?r?i?p?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\Prestnsi.ttf"
"\24 A?n?n?a?L?i?s?a?F?o?n?t?7?1? ?t?t?e?x?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\WordGame.ttf"
"\24 P?r?e?s?t?o?n?S?c?r?i?p?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\Prestnsi.ttf"
"~\1A?n?n?a?L?i?s?a?F?o?n?t?7?1? ?t?t?e?x?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\WordGame.ttf"
"~\1P?r?e?s?t?o?n?S?c?r?i?p?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\Prestnsi.ttf"
"`\1A?n?n?a?L?i?s?a?F?o?n?t?7?1? ?t?t?e?x?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\WordGame.ttf"
"`\1P?r?e?s?t?o?n?S?c?r?i?p?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\Prestnsi.ttf"
"S\1A?n?n?a?L?i?s?a?F?o?n?t?7?1? ?t?t?e?x?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\WordGame.ttf"
"S\1P?r?e?s?t?o?n?S?c?r?i?p?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\Prestnsi.ttf"
"\x2019\1A?n?n?a?L?i?s?a?F?o?n?t?7?1? ?t?t?e?x?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\WordGame.ttf"
"\x2019\1P?r?e?s?t?o?n?S?c?r?i?p?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\Prestnsi.ttf"
"\32 A?n?n?a?L?i?s?a?F?o?n?t?7?1? ?t?t?e?x?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\WordGame.ttf"
"\32 P?r?e?s?t?o?n?S?c?r?i?p?t? ?(?T?r?u?e?T?y?p?e?)?"="C:\PROGRA~1\HITSCO~1\JEUXDE~1\Prestnsi.ttf"

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:*:Disabled:ActiveSync RAPI Manager"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files:
---------------

File Backups: - C:\DOCUME~1\Choquet\Bureau\SDFix\backups\backups.zip

Files with Hidden Attributes:

Sat 3 Nov 2007 9 A..H. --- "C:\WINDOWS\system32\wxmmin.dll"
Thu 5 Oct 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 25 Dec 2007 342 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti56.tmp"
Tue 23 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 9 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\326d1a08fc685e3efad9e9a5b059ebfb\BIT6D.tmp"
Sat 9 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5b6da8fb69b176ee583a3734e2af76e6\BIT6E.tmp"
Sat 9 Feb 2008 10,092,048 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8b3179d71e82d8085d960408b16ae5bf\BIT70.tmp"
Sat 9 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9526baba4c0a42975f8fabcda9ca8dc3\BIT71.tmp"
Sat 9 Feb 2008 1,229,688 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\bc7043d60e692448b548f03d568309ab\BIT6F.tmp"
Thu 5 Oct 2006 4,348 ...H. --- "C:\Documents and Settings\Choquet\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Thu 5 Oct 2006 20 A..H. --- "C:\Documents and Settings\Choquet\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Sun 17 Sep 2006 312 A.SH. --- "C:\Documents and Settings\Choquet\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"

Finished!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:01:05 PM, on 2/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\MMTray.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kiwee Toolbar2\1.2.116\kwtbaim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\AdwareAlert\AdwareAlert.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Documents and Settings\Choquet\Mes documents\Picture Package Menu\SonyTray.exe
C:\Documents and Settings\Choquet\Mes documents\Picture Package Applications\Residence.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.2.116\kwtbaim.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BackupNotify] C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1c674015c91a44aba22c729f8d68bc75
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1c674015c91a44aba22c729f8d68bc75
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: didact - {747e1fbe-b70f-441d-bbca-6e536c04924a} - C:\WINDOWS\system32\wuuawkz.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett Packard Company - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
0
noctambule28 Posts 25275 Registration date   Status Webmaster Last activity   2 874
 
Hi again

Go to Add/Remove Programs

and uninstall this program

Logitech\Desktop Messenge

then post a new HijackThis log

EDIT: Go to this site:

https://www.virustotal.com/gui/

Click Browse and look for this file: zdsbjnbw.exe
Click Send File.

A report will be built up line by line.

Wait until it finishes. It must include the size of the file sent.
Save the report with Notepad.

Copy it into your reply.
0
emanjamin2002
 
Good evening,

I followed the directions BUT the program won't be removed. THAT MEANS THAT WHEN I press Remove, something pops up. It's very fast and can't be seen, but something flashes very quickly. I went to Start and then Programs. I found it and deleted it. I went back to Add/Remove Programs but the same thing happened. So ???????? I don't know what to do.

I ran a HijackThis anyway

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:02:58 PM, on 2/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\MMTray.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kiwee Toolbar2\1.2.116\kwtbaim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\AdwareAlert\AdwareAlert.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Documents and Settings\Choquet\Mes documents\Picture Package Menu\SonyTray.exe
C:\Documents and Settings\Choquet\Mes documents\Picture Package Applications\Residence.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.2.116\KiweeIEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.2.116\kwtbaim.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BackupNotify] C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1c674015c91a44aba22c729f8d68bc75
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1c674015c91a44aba22c729f8d68bc75
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {177CFD0A-AFFB-4F2A-9ACB-41395E0ECA13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: didact - {747e1fbe-b70f-441d-bbca-6e536c04924a} - C:\WINDOWS\system32\wuuawkz.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett Packard Company - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
0
noctambule28 Posts 25275 Registration date   Status Webmaster Last activity   2 874
 
ok, no big deal, I'll go about it another way

I had edited my post, so here again is the other thing to do

Go to this site:

https://www.virustotal.com/gui/

Click Browse and look for this file: zdsbjnbw.exe
Click Send File.

A report will build up line by line.

Wait until it finishes. It must include the size of the file sent.
Save the report with Notepad.

Copy it into your reply.
0
emanjamin2002
 
Here is the report
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
File zdsbjnbw.exe received on 02.14.2008 20:27:24 (CET)

Result: 6/32 (18.75%)

Antivirus Version Last Update Result
AhnLab-V3 2008.2.15.10 2008.02.14 -
AntiVir 7.6.0.65 2008.02.14 TR/Dropper.Gen
Authentium 4.93.8 2008.02.14 -
Avast 4.7.1098.0 2008.02.14 -
AVG 7.5.0.516 2008.02.14 -
BitDefender 7.2 2008.02.14 -
CAT-QuickHeal None 2008.02.14 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.02.14 -
DrWeb 4.44.0.09170 2008.02.14 -
eSafe 7.0.15.0 2008.02.14 -
eTrust-Vet 31.3.5536 2008.02.14 -
Ewido 4.0 2008.02.14 -
FileAdvisor 1 2008.02.14 -
Fortinet 3.14.0.0 2008.02.14 -
F-Prot 4.4.2.54 2008.02.14 -
F-Secure 6.70.13260.0 2008.02.14 -
Ikarus T3.1.1.20 2008.02.14 -
Kaspersky 7.0.0.125 2008.02.14 -
McAfee 5230 2008.02.14 -
Microsoft 1.3204 2008.02.14 Trojan:Win32/Wintrim.gen!E
NOD32v2 2876 2008.02.14 -
Norman 5.80.02 2008.02.14 -
Panda 9.0.0.4 2008.02.14 -
Prevx1 V2 2008.02.14 Heuristic: Suspicious File With Anti-Security Technology
Rising 20.31.30.00 2008.02.14 -
Sophos 4.26.0 2008.02.14 -
Sunbelt 2.2.907.0 2008.02.14 -
Symantec 10 2008.02.14 Trojan.Skintrim
TheHacker 6.2.9.219 2008.02.13 -
VBA32 3.12.6.1 2008.02.14 -
VirusBuster 4.3.26:9 2008.02.14 -
Webwasher-Gateway 6.6.2 2008.02.14 Trojan.Dropper.Gen
Additional information
File size: 286208 bytes
MD5: b1e534a0eca26fd854b412aff074d34c
SHA1: 0b720285cfedc73fcfc69fa28bc48428524193d7
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=C2CC4607001420885E1B0439839D0B00A4E54E5F

ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

VirusTotal © Hispasec Sistemas - Blog - Contact: info@virustotal.com
0
noctambule28 Posts 25275 Registration date   Status Webmaster Last activity   2 874
 
Repeat the procedure on VirusTotal with these two other files, please, and paste the reports

C:\WINDOWS\system32\okilgxi.exe
C:\WINDOWS\system32\mmdbolua.exe
0
emanjamin2002
 
File okilgxi.exe received on 02.14.2008 21:20:36 (CET)

Result: 2/32 (6.25%)

Antivirus Version Last Update Result
AhnLab-V3 2008.2.15.10 2008.02.14 -
AntiVir 7.6.0.65 2008.02.14 -
Authentium 4.93.8 2008.02.14 -
Avast 4.7.1098.0 2008.02.14 -
AVG 7.5.0.516 2008.02.14 -
BitDefender 7.2 2008.02.14 -
CAT-QuickHeal None 2008.02.14 -
ClamAV 0.92.1 2008.02.14 -
DrWeb 4.44.0.09170 2008.02.14 -
eSafe 7.0.15.0 2008.02.14 Suspicious File
eTrust-Vet 31.3.5536 2008.02.14 -
Ewido 4.0 2008.02.14 -
FileAdvisor 1 2008.02.14 -
Fortinet 3.14.0.0 2008.02.14 -
F-Prot 4.4.2.54 2008.02.14 -
F-Secure 6.70.13260.0 2008.02.14 -
Ikarus T3.1.1.20 2008.02.14 -
Kaspersky 7.0.0.125 2008.02.14 -
McAfee 5230 2008.02.14 -
Microsoft 1.3204 2008.02.14 -
NOD32v2 2876 2008.02.14 -
Norman 5.80.02 2008.02.14 -
Panda 9.0.0.4 2008.02.14 -
Prevx1 V2 2008.02.14 -
Rising 20.31.30.00 2008.02.14 -
Sophos 4.26.0 2008.02.14 -
Sunbelt 2.2.907.0 2008.02.14 -
Symantec 10 2008.02.14 -
TheHacker 6.2.9.220 2008.02.14 -
VBA32 3.12.6.1 2008.02.14 -
VirusBuster 4.3.26:9 2008.02.14 -
Webwasher-Gateway 6.6.2 2008.02.14 Win32.Malware.dam (suspicious)
Additional information
File size: 160968 bytes
MD5: 6c6385ba3d79621fac870241d002b4d8
SHA1: 34f1983a3526ba018dc5105fbc1ea87365158bec
PEiD: -
packers: PE_Patch


-------------------------------------

File mmdbolua.exe received on 02.14.2008 21:29:29 (CET)

Result: 7/32 (21.88%)

Antivirus Version Last Update Result
AhnLab-V3 2008.2.15.10 2008.02.14 -
AntiVir 7.6.0.65 2008.02.14 TR/Dropper.Gen
Authentium 4.93.8 2008.02.14 -
Avast 4.7.1098.0 2008.02.14 -
AVG 7.5.0.516 2008.02.14 -
BitDefender 7.2 2008.02.14 -
CAT-QuickHeal None 2008.02.14 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.02.14 -
DrWeb 4.44.0.09170 2008.02.14 -
eSafe 7.0.15.0 2008.02.14 -
eTrust-Vet 31.3.5536 2008.02.14 -
Ewido 4.0 2008.02.14 -
FileAdvisor 1 2008.02.14 -
Fortinet 3.14.0.0 2008.02.14 -
F-Prot 4.4.2.54 2008.02.14 -
F-Secure 6.70.13260.0 2008.02.14 -
Ikarus T3.1.1.20 2008.02.14 -
Kaspersky 7.0.0.125 2008.02.14 -
McAfee 5230 2008.02.14 -
Microsoft 1.3204 2008.02.14 Trojan:Win32/Wintrim.gen!E
NOD32v2 2876 2008.02.14 -
Norman 5.80.02 2008.02.14 -
Panda 9.0.0.4 2008.02.14 Suspicious file
Prevx1 V2 2008.02.14 Heuristic: Suspicious File With Anti-Security Technology
Rising 20.31.30.00 2008.02.14 -
Sophos 4.26.0 2008.02.14 -
Sunbelt 2.2.907.0 2008.02.14 -
Symantec 10 2008.02.14 Trojan.Skintrim
TheHacker 6.2.9.220 2008.02.14 -
VBA32 3.12.6.1 2008.02.14 -
VirusBuster 4.3.26:9 2008.02.14 -
Webwasher-Gateway 6.6.2 2008.02.14 Trojan.Dropper.Gen
Additional information
File size: 298496 bytes
MD5: 56330ed6302ffc868639e476a210ab38
SHA1: cb28ae173b0f038e8faf9a7ae88ebccfa39833ae
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=A89E4A4100DBDAEA8E6F044DC33F70004C8748A2

0
noctambule28 Posts 25275 Registration date   Status Webmaster Last activity   2 874
 
Copy the text in the box below (in bold):

File::

C:\WINDOWS\system32\wuuawkz.dll
C:\WINDOWS\system32\okilgxi.exe
C:\WINDOWS\system32\mmdbolua.exe

Registry::

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{747e1fbe-b70f-441d-bbca-6e536c04924a}"=-


Open Notepad and paste the copied text.
(Start\All Programs\Accessories\Notepad.)
Save this file under the name CFScript.txt.

Now drag the ComboFix-Do.txt file onto Combofix.exe

This will relaunch Combofix; press 1 and then confirm. After the restart, post the contents of the Combofix.txt report along with a new Hijackthis report.
If there is no restart, post the reports anyway.
0