photo album virus via MSN

On 16-04-2007 at 23:23 #

Hello,
I have a problem that, as far as I can tell, many other Internet users also have.
But I read that it is handled case by case, so I am creating this thread.

I too am being attacked by this nasty, really annoying virus, passed from contact to contact via MSN.

At first, I thought it was a folder sent by my sister; I opened it and quickly realized that it wasn't.
Avast detected nothing, even after a thorough antivirus scan.

The effects: it started by blocking access to my MSN contacts.
Then it let me reach some people and not others, and it changes every day.
Since today, my conversations end suddenly, and it is impossible to contact the online member again.
And for the past hour, I have had bugs on my PC...
In fact, it is getting worse and worse, which is what scares me.

I deleted some files that I was able to find (photo album.zip, another one in windows/perfecht; I ran CCleaner... but that does not seem to be enough).

To go back over the messages and the solutions already given:

I downloaded MSNFix.zip, ran a search, and since the infection was detected I launched a cleanup.
Then a "msn_fix-resultat" window appears and answers:
C:DOCUME~1/MRIAM~1/LOCAL~1/temp/IadHide5.dll
Acces refusé
And right away an "MSNfix" Notepad window opens and gives me this:

MSN_Fix 1.17

C:\Documents and Settings\Mériam\Bureau\MSNFix
Fix exécuté le 16/04/2007 à 22:56:39,96 par Mériam
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\system32\rdihost.dll

************************ Recherche les dossiers présents

Aucun dossier trouvé





************************ Suppression des fichiers

.. OK ... C:\WINDOWS\system32\rdihost.dll



************************ Nettoyage du registre
Nettoyage terminé


************************ suppression des fichiers temporaires

.......... Terminé

************************ Nettoyage du dossier C:\WINDOWS\Prefetch\

.......... Terminé



Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 16042007_22564901.zip


------------------------------------------------------------------------
Auteur: !aur3n7 Contact: http://lyonnais92.aceboard.fr
------------------------------------------------------------------------

--------------------------------------------- FIN ---------------------------------------------

Sauvegardez ce rapport puis faites un copier/coller de ce rapport sur le forum, ainsi qu'un nouveau scan HijackThis fait en mode normal.

After that I downloaded HijackThis, did as you said in another post, and Notepad gives me this:

Logfile of HijackThis v1.99.1
Scan saved at 23:08:39, on 16/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Mériam\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.seekgoofr.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NI.UERSV_0001_N91S2108] "C:\Documents and Settings\Mériam\Bureau\ErrorSafeFrenchNewReleaseInstall.exe" -nag
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [uwa6pcw] "C:\Program Files\WinAntiVirus Pro 2006\uwa6pcw.exe" -c
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.2.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.1.0.53.cab
O18 - Protocol: bw+0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Then I downloaded Clean, ran a search, and Notepad gives me this:

16/04/2007 a 23:14:50,06

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\f3PSSavr.scr FOUND
C:\WINDOWS\system32\stera.job FOUND
"C:\Documents and Settings\Mériam\Application Data\hbtools\" FOUND
"C:\Documents and Settings\Mériam\Application Data\WinAntivirus Pro 2006\" FOUND
"C:\Documents and Settings\All Users\Documents\setup.exe" FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\" FOUND
"C:\Program Files\Dynamic Toolbar\" FOUND
"C:\Program Files\MyWebSearch\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !

So I chose the "nettoyer les fichiers infectieux" (clean the infected files) option, and here is the report:

Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 16/04/2007 a 23:17:06,34

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\f3PSSavr.scr
tentative de suppression de C:\WINDOWS\system32\stera.job
tentative de suppression de "C:\Documents and Settings\Mériam\Application Data\hbtools\"
tentative de suppression de "C:\Documents and Settings\Mériam\Application Data\WinAntivirus Pro 2006\"
tentative de suppression de "C:\Documents and Settings\All Users\Documents\setup.exe"

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\"
tentative de suppression de "C:\Program Files\Dynamic Toolbar\"
tentative de suppression de "C:\Program Files\MyWebSearch\"
Impossible de supprimer "C:\Program Files\MyWebSearch\"
tentative de suppression de "C:\Program Files\Viewpoint\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !

Can someone tell me whether I left something out, or whether it is all done...
Thanks a lot!




On 17-04-2007 at 23:54 #

Uhhhh, why is everyone getting a reply except me???

On 18-04-2007 at 00:02 #

Good evening mimi515475! Sorry, but there are a lot of requests about this virus and the people who usually handle them are not around.

For msnFix: delete this file, if you have not already, by searching for it on your hard drive:

C:\WINDOWS\system32\rdihost.dll

For HijackThis, check these lines:
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)

O4 - HKLM\..\Run: [uwa6pcw] "C:\Program Files\WinAntiVirus Pro 2006\uwa6pcw.exe" -c

O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.2.0\HbtWeatherOnTray.exe

O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

and in the program click "fix checked".
For the Clean report, I am sorry but I do not know how to interpret it. I will look into it tomorrow. So I suggest you wait until the pros log on. Be patient. Good night.

On 18-04-2007 at 12:59 #

Thanks a lot chucky, that's kind.
I did what you asked, but unfortunately, and I don't know if it's serious, I didn't have:

C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe

and

O4 - HKLM\..\Run: [uwa6pcw] "C:\Program Files\WinAntiVirus Pro 2006\uwa6pcw.exe" -c

I only did it with the ones I had listed!

Can someone tell me if it's OK???
A pro...?? No?? Nobody??

On 18-04-2007 at 13:08 #

Hello,
for a start, this
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
cannot be fixed in HijackThis
------------

Run a new HijackThis report to see where you stand
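An added example, not part of the thread or of any poster's tooling: a small Python triage pass over a HijackThis log that separates the informational "Running processes" lines from the coded entries (R0, O4, O9, ...) and lists the entries worth reviewing. The watchlist (folder names taken from the Clean report in the first post), the 8.3 short-name heuristic and all function names are assumptions of this sketch; the sample is built from lines of the log posted above.

```python
import re

# Coded HijackThis entries look like "O4 - HKLM\..\Run: [...]".
ENTRY_RE = re.compile(r"^([ROFN]\d{1,2}) - (.*)$")

# Assumption: folder names reported by the Clean tool in the first post.
WATCHLIST = ["MyWebSearch", "WinAntiVirus Pro 2006", "HbTools"]

# Sample built from lines of the log posted in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [uwa6pcw] "C:\Program Files\WinAntiVirus Pro 2006\uwa6pcw.exe" -c
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
"""


def short_prefix(name):
    """Prefix of the 8.3 alias for a long name: 'MyWebSearch' -> 'MYWEBS~'.

    Names that already fit in 8 characters without spaces get no alias.
    """
    compact = re.sub(r"[ .]", "", name).upper()
    if len(compact) <= 8 and " " not in name:
        return None
    return compact[:6] + "~"


def parse_log(text):
    """Split a log into running-process lines and (code, line) entries."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            entries.append((match.group(1), line))
        elif in_processes and line:
            processes.append(line)
    return processes, entries


def watch_hit(line, watchlist):
    """Return the watchlist name found in the line (long or 8.3 form)."""
    upper = line.upper()
    for name in watchlist:
        alias = short_prefix(name)
        if name.upper() in upper or (alias and alias in upper):
            return name
    return None


def triage(text, watchlist=WATCHLIST):
    """Return (findings, process_hits).

    findings: coded entries to review, each as (code, reasons, line).
    process_hits: running processes matching the watchlist; these are
    informational lines, not entries that can be checked and fixed.
    """
    processes, entries = parse_log(text)
    findings = []
    for code, line in entries:
        reasons = []
        hit = watch_hit(line, watchlist)
        if hit:
            reasons.append("watchlist:" + hit)
        if line.endswith("(file missing)"):
            reasons.append("file missing")
        if reasons:
            findings.append((code, reasons, line))
    process_hits = [p for p in processes if watch_hit(p, watchlist)]
    return findings, process_hits


if __name__ == "__main__":
    found, procs = triage(SAMPLE_LOG)
    for code, reasons, line in found:
        print(code, ", ".join(reasons), "|", line)
    for proc in procs:
        print("process only (not a fixable entry):", proc)
```

The output is a review list, not a fix list: a "(file missing)" flag only means the referenced file was not found where the log says it should be.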

On 18-04-2007 at 18:26 #

OK,


here it is:

Logfile of HijackThis v1.99.1
Scan saved at 18:23:38, on 18/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fastlab Print Service\dd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mériam\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.seekgoofr.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NI.UERSV_0001_N91S2108] "C:\Documents and Settings\Mériam\Bureau\ErrorSafeFrenchNewReleaseInstall.exe" -nag
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O18 - Protocol: bw+0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
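
A log like the one above is normally read line by line; as an added example (not part of the original post, and not a feature of HijackThis), the sketch below triages a few entries copied from that log. The three heuristics, the trusted-host list and all function names are assumptions chosen for illustration, and a hit only means the entry deserves a manual look.

```python
import re
from collections import namedtuple
from urllib.parse import urlparse

Finding = namedtuple("Finding", "code reason detail")

# Excerpt copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.seekgoofr.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NI.UERSV_0001_N91S2108] "C:\Documents and Settings\Mériam\Bureau\ErrorSafeFrenchNewReleaseInstall.exe" -nag
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# R0/R1 body: "<registry key>,<value name> = <data>"
REG_VALUE_RE = re.compile(r"^[^,]+,(?P<name>[^=]+?) = (?P<data>.*)$")
# O4 registry autorun body: "<hive>\..\Run: [<name>] <command line>"
RUN_RE = re.compile(r"^(?P<hive>[^:]+): \[(?P<name>.+?)\] (?P<cmd>.+)$")

# Internet Explorer values that hold a URL.
URL_VALUES = {"Start Page", "Search Page", "Default_Page_URL", "Default_Search_URL"}
# Assumption: hosts an analyst accepts without review; adjust per machine.
TRUSTED_SUFFIXES = ("microsoft.com",)
# Assumption: path fragments for user-writable folders ("Bureau" is the
# Desktop folder on a French Windows XP, as in this log).
USER_WRITABLE = ("\\bureau\\", "\\desktop\\", "\\temp\\")


def is_trusted(host):
    """True if host equals, or is a subdomain of, a trusted suffix."""
    host = host.lower()
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)


def triage(log_text):
    """Return Finding tuples for entries that deserve a manual look."""
    findings = []
    for raw in log_text.splitlines():
        entry = ENTRY_RE.match(raw.strip())
        if not entry:
            continue
        code, body = entry["code"], entry["body"]

        if code in ("R0", "R1"):
            value = REG_VALUE_RE.match(body)
            if value and value["name"] in URL_VALUES:
                host = urlparse(value["data"]).hostname or ""
                if host and not is_trusted(host):
                    findings.append(
                        Finding(code, "browser page set to an unlisted host", host))

        elif code == "O4":
            run = RUN_RE.match(body)
            if run and any(p in run["cmd"].lower() for p in USER_WRITABLE):
                findings.append(
                    Finding(code, "autorun starts a program from a user-writable folder",
                            run["name"]))

        elif code == "O23" and body.rstrip().endswith("(file missing)"):
            name = body.split(" - ")[0]
            if name.startswith("Service: "):
                name = name[len("Service: "):]
            findings.append(
                Finding(code, "service registered but its binary is missing", name))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.code:4} {finding.reason}: {finding.detail}")
```
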


On 18-04-2007 at 20:17 #

Hi,

If you run into problems, please report them in a later post, but carry the procedure through to the end.
Part of the procedure will take place without internet access; please print these instructions, or paste them into a text file, to read during this disinfection.
The steps are to be done without interruption and in order.

Download and then install CCleaner
ccleaner
Careful: at the end of the installation, leave only "add an icon to the desktop" ticked
untick the other four boxes

Download and then install
AVG Anti-Spyware (AVG AS)
Once AVG AS is running, click on "Update"

then

restart in safe mode
help with starting in safe mode
Double-click on this clean folder; inside it you will find several files.
Double-click on clean. This will open a black window.
A menu will appear; this time choose option 2.
Clean will do its work.
A report will be generated; paste its entire contents here.
C:\rapport_clean.txt

then

double-click on the CCleaner icon
run the cleanup
and run "fix the errors"
Tutorial: How to use CCleaner

then

still in safe mode
Relaunch AVG Anti-Spyware (AVG AS), then choose the "Scan" tab
Then the "Settings" tab
Under the question "How to react?", click on "Recommended actions" and choose "Quarantine"
Click the "Scan" tab again, then run a "Complete system scan"
If an infected file is detected at the end of the scan
Click on "Apply all actions"
copy and paste the report you get

See you later

In addition to the clean and AVG reports, post a new HijackThis log

On 18-04-2007 at 23:28 #


18-04-2007 at 20:17, fred841:
Hi,

If you run into problems, please report them in a later post, but carry the procedure through to the end.


Uh, sorry, but I don't understand why you're telling me that... I followed to the letter all the instructions I was given... I opened this post to report the problem, I followed the first procedures, posted the reports... so unless I've misinterpreted what you wrote, I don't see why you're telling me to carry the procedure through to the end as if I hadn't done so!!! You'll have to enlighten me here, because I don't see where it's going wrong!!!

Unless you're telling me that because my problem is going to be definitively closed?!
Please answer me, and if there's any trouble I'll open a new post!!!

On 19-04-2007 at 00:12 #

Well, in my opinion it should be fine.. but it's up to you to tell us whether you still have problems

On 19-04-2007 at 14:38 #

Hi there,
So there you go, I struggled a bit but it's done...
Over to you to interpret the reports!

Here is the AVG report:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 13:43:16 19/04/2007

+ Résultat de l'analyse:



HKU\S-1-5-21-3656420712-720234231-3288537472-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56F1D444-11BF-4879-A12B-79CF0177F038} -> Adware.180Solutions : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3656420712-720234231-3288537472-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3656420712-720234231-3288537472-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4508E20C-ACAD-11D2-9FC0-00550076E06F} -> Adware.2Search : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Mériam\Bureau\films\HANNIBAL LECTER. version française\argentfacile.doc -> Adware.BetterInternet : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP319\A0049933.DLL -> Adware.IWon : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3656420712-720234231-3288537472-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP319\A0049923.DLL -> Downloader.IstBar : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.327:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.328:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.329:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.330:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.239:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.240:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.241:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.242:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.243:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.244:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.393:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.420:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.434:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@viamtvcom.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.422:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.423:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.267:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.268:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.269:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.340:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.341:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.342:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.343:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.344:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.345:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.369:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.370:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.155:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.157:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.158:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.159:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.160:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.252:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.179:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@com[1].txt -> TrackingCookie.Com : Nettoyé.
:mozilla.390:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.391:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.392:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.411:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Coremetrics : Nettoyé.
:mozilla.14:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.63:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.336:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.101:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.116:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.119:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.120:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.164:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.26:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.56:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.58:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.59:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.82:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.99:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.363:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.364:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.365:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.366:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.42:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.43:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.384:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.348:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Quarterserver : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.308:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.309:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.310:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.311:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.312:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.168:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.169:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.401:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.402:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.64:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.65:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.66:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.331:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.71:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.72:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.77:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.339:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@a.tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.407:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.80:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.81:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.374:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Yo\Cookies\yo@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.316:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.317:C:\Documents and Settings\Yo\Application Data\Mozilla\Firefox\Profiles\nzb6nq1n.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport

And here is the HijackThis report made afterwards:

Logfile of HijackThis v1.99.1
Scan saved at 13:44:21, on 19/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\Mériam\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.seekgoofr.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O18 - Protocol: bw+0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {0D73838B-2660-4DD0-9DC1-218B142000B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

However, I am wondering whether I should delete what was put in quarantine in AVG?

