Votre question

win32 swizzor message regulier par avast et impossible de lance msn

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
21 Octobre 2008 13:05:18

Bonjour
Avast m'indique un message virus win32 swizzor tres régulierement et depuis l'apparition de ce message, mon msn est totalement paralysé; Impossible de lancer le window live messenger; Il y a un petit panneau interdit sur le messenger plus . Par moment l'application msn se lance a ma demande mais tres vite l'ecran disparait et le logo sur la barre d'outil aussi.
Ai tout essayé ; Rien ne fait re demarrer mon msn ...
Merci de votre aide ...
Je ne suis pas un pro du pc mais je me debrouille .

Autres pages sur : win32 swizzor message regulier avast impossible lance msn

21 Octobre 2008 14:03:10

ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:02:17 PM, on 10/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\ccsrvc.exe
C:\Program Files\Altiris\Carbon Copy\shellker.exe
C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\Altiris\CARBON~1\client.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\kmw_run.exe
C:\WINDOWS\system32\KMW_SHOW.EXE
C:\Program Files\Search Settings\SearchSettings.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\UFDisk Format Tool2\UFDisk Format Tool2\iFormat2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\Intuwave\Shared\MROUTE~1\MRB39E~1.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Sony Ericsson\Mobile4\Sync Manager\syncindicator.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://10.52.57.240:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O1 - Hosts: 57.253.47.193 RES.SABRE.com
O1 - Hosts: 57.253.47.194 DECS.SABRE.com
O1 - Hosts: 57.253.47.194 FOS.SABRE.com
O1 - Hosts: 57.253.47.194 MSG.SABRE.com
O1 - Hosts: 57.253.47.194 FRT.SABRE.com
O1 - Hosts: 57.253.47.195 TSTS.SABRE.com
O1 - Hosts: 57.253.47.196 TDEC.SABRE.com
O1 - Hosts: 162.92.69.1 lb1.sabre.com
O1 - Hosts: 162.92.69.2 lb2.sabre.com
O1 - Hosts: 162.92.69.1 ofep01.sabre.com
O1 - Hosts: 162.92.69.2 ofep02.sabre.com
O1 - Hosts: 57.253.47.199 ofep03.sabre.com
O1 - Hosts: 57.253.47.200 ofep04.sabre.com
O1 - Hosts: 57.253.47.201 ofep05.sabre.com
O1 - Hosts: 57.253.47.202 ofep06.sabre.com
O1 - Hosts: 57.253.47.203 ofep07.sabre.com
O1 - Hosts: 57.253.47.204 ofep08.sabre.com
O1 - Hosts: 57.253.47.205 ofep09.sabre.com
O1 - Hosts: 57.253.47.206 ofep10.sabre.com
O1 - Hosts: 57.253.47.207 ofep11.sabre.com
O1 - Hosts: 57.253.47.208 ofep12.sabre.com
O1 - Hosts: 57.253.47.209 ofep13.sabre.com
O1 - Hosts: 57.253.47.210 ofep14.sabre.com
O1 - Hosts: 57.253.47.211 ofep15.sabre.com
O1 - Hosts: 57.253.47.212 ofep16.sabre.com
O1 - Hosts: 57.253.47.213 ofep17.sabre.com
O1 - Hosts: 57.253.47.214 ofep18.sabre.com
O1 - Hosts: 57.253.47.215 ofep19.sabre.com
O1 - Hosts: 57.253.47.216 ofep20.sabre.com
O1 - Hosts: 57.253.47.217 ofep21.sabre.com
O1 - Hosts: 57.253.47.218 ofep22.sabre.com
O1 - Hosts: 57.253.47.219 ofep23.sabre.com
O1 - Hosts: 57.253.47.220 ofep24.sabre.com
O1 - Hosts: 57.253.47.221 ofep25.sabre.com
O1 - Hosts: 57.253.47.222 ofep26.sabre.com
O1 - Hosts: 57.253.47.223 ofep27.sabre.com
O1 - Hosts: 57.253.47.224 ofep28.sabre.com
O1 - Hosts: 57.253.47.225 ofep29.sabre.com
O1 - Hosts: 57.253.47.226 ofep30.sabre.com
O1 - Hosts: 57.253.47.227 ofep31.sabre.com
O1 - Hosts: 57.253.47.228 ofep32.sabre.com
O1 - Hosts: 57.253.47.229 ofep33.sabre.com
O1 - Hosts: 57.253.47.230 ofep34.sabre.com
O1 - Hosts: 57.253.47.231 ofep35.sabre.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AeXAgentLogon] C:\Program Files\Altiris\Altiris Agent\AeXAgentActivate.exe /logon
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GFRShortcut] "C:\Program Files\GoFileRoom\Common Files\GFRShortcut.exe"
O4 - HKLM\..\Run: [GFRPrinter] "C:\Program Files\GoFileRoom\PrintToGoFileRoom\PrintDriver\GoFileRoomPrinter.exe" -install
O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: iFormat2.lnk = C:\Program Files\UFDisk Format Tool2\UFDisk Format Tool2\iFormat2.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: SabStart.lnk = C:\Program Files\Csapi\Print32\Sabstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUpload...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {654B32A7-3103-4F58-B3AE-2D847520C2BE} (GFRCheckBrowser.clsGetVersion) - https://workflow.onesourcetax.com/GFRCheckBrowser.dll
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://vpn.awacompass.com/dana-cached/setup/JuniperSet...
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lcc.usairways.com
O17 - HKLM\Software\..\Telephony: DomainName = lcc.usairways.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lcc.usairways.com
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: AMINIT.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Altiris Agent (AeXNSClient) - Altiris, Inc. - C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Altiris Carbon Copy (CarbonCopy32) - Altiris - C:\WINDOWS\system32\ccsrvc.exe
O23 - Service: DB2 Management Service (DB2COPY1) (DB2MGMTSVC_DB2COPY1) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2mgmtsvc.exe
O23 - Service: DB2 Security Server (DB2COPY1) (DB2NTSECSERVER_DB2COPY1) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: Sabre Print (SabrePrint) - Sabre Inc. - C:\Program Files\Csapi\Print32\OADP.EXE

--
End of file - 14758 bytes
a b 8 Sécurité
21 Octobre 2008 20:08:02

Re,

Télécharge R-Hosts.exe (de S!ri)
Lance R-Hosts puis clique sur "Restaurer".
Valide la modification en appuyant sur OK.

&

Télécharge Toolbar-S&D ([#ff0000]Team IDN[/#ff]) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar-S&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)
    21 Octobre 2008 20:55:21

    -----------\\ ToolBar S&D 1.2.2 XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz )
    BIOS : KBC Version 40.17
    USER : U48849 ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 081020-0] 4.8.1229 (Activated)
    C:\ (Local Disk) - NTFS - Total : 93 Go Free : 43 Go
    P:\ (Disque réseau)

    "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
    Option : [1] ( Tue 10/21/2008|20:50 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\AskPBar
    C:\Program Files\AskPBar\bar
    C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
    C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.js
    C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.xul
    C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd
    C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.properties
    C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\SearchSettingsFF.dll
    C:\DOCUME~1\u48849\APPLIC~1\Search Settings
    C:\DOCUME~1\u48849\APPLIC~1\Search Settings\kb127
    C:\Program Files\Search Settings
    C:\Program Files\Search Settings\kb127
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\DOCUME~1\ADMINI~1\APPLIC~1\SmartShopper
    C:\DOCUME~1\ADMINI~1\APPLIC~1\SmartShopper\cs
    C:\DOCUME~1\u48849\APPLIC~1\SmartShopper
    C:\DOCUME~1\u48849\APPLIC~1\SmartShopper\cs
    C:\Program Files\SmartShopper
    C:\Program Files\SmartShopper\Bin
    C:\Program Files\SmartShopper\cs
    C:\Program Files\SmartShopper\Uninst.exe
    C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\SmartShopper
    C:\Temp\mc46B.tmp

    -----------\\ Extensions

    (u48849) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.google.fr/"
    "Url"="http://go.microsoft.com/fwlink/?LinkId=68928"
    "Url"="http://go.microsoft.com/fwlink/?LinkId=68929"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.google.com/ie"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - Tue 10/21/2008|20:52 - Option : [1]

    -----------\\ Fin du rapport a 20:52:40.67
    a b 8 Sécurité
    21 Octobre 2008 21:01:21

    Re,

    Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
    [#ff0000]! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
    Un rapport sera généré, poste son contenu ici.
    21 Octobre 2008 21:18:35

    -----------\\ ToolBar S&D 1.2.2 XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz )
    BIOS : KBC Version 40.17
    USER : U48849 ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 081020-0] 4.8.1229 (Activated)
    C:\ (Local Disk) - NTFS - Total : 93 Go Free : 43 Go
    P:\ (Disque réseau)

    "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
    Option : [2] ( Tue 10/21/2008|21:15 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\AskPBar\bar
    Supprime! - C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
    Supprime! - C:\DOCUME~1\u48849\APPLIC~1\Search Settings\kb127
    Supprime! - C:\Program Files\Search Settings\kb127
    Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
    Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\SmartShopper\cs
    Supprime! - C:\DOCUME~1\u48849\APPLIC~1\SmartShopper\cs
    Supprime! - C:\Program Files\SmartShopper\Bin
    Supprime! - C:\Program Files\SmartShopper\cs
    Supprime! - C:\Program Files\SmartShopper\Uninst.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\SmartShopper
    Supprime! - C:\Temp\mc46B.tmp
    Supprime! - C:\Program Files\AskPBar
    Supprime! - C:\DOCUME~1\u48849\APPLIC~1\Search Settings
    Supprime! - C:\Program Files\Search Settings
    Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\SmartShopper
    Supprime! - C:\DOCUME~1\u48849\APPLIC~1\SmartShopper
    Supprime! - C:\Program Files\SmartShopper

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (u48849) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.google.fr/"
    "Url"="http://go.microsoft.com/fwlink/?LinkId=68928"
    "Url"="http://go.microsoft.com/fwlink/?LinkId=68929"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.google.com/ie"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.msn.com/"


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - Tue 10/21/2008|20:52 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - Tue 10/21/2008|21:17 - Option : [2]

    -----------\\ Fin du rapport a 21:17:11.56
    22 Octobre 2008 09:55:26

    Bonjour,
    faut il faire d'autres entrées ? mon msn ne se lance toujours pas . Merci
    22 Octobre 2008 10:42:51

    Bonjour ,

    Pourquoi tu ne fais pas tout simplement une analyse antivirus ?!
    En suite tu désinstalle et réinstalla windows live mssenger et le tour est jouer !

    Cordialement ,
    22 Octobre 2008 12:46:33

    c est fait mais impossible de lancer mon msn messenger . L'icone est présente sur ma barre d'outil sans fonctionner . Quand le curseur se deplace sur l'icone, le symbole disparait. Windows live fonctionne sauf le messenger
    a b 8 Sécurité
    22 Octobre 2008 17:25:11

    Désinstalle/réinstaller MSN. Reposte un rapport Hijackthis.
    23 Octobre 2008 17:35:42

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:32:02 PM, on 10/23/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\System32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\ccsrvc.exe
    C:\Program Files\Altiris\Carbon Copy\shellker.exe
    C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
    C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\PROGRA~1\Altiris\CARBON~1\client.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\McAfee\Common Framework\UdaterUI.exe
    C:\WINDOWS\system32\kmw_run.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
    C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
    C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
    C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\UFDisk Format Tool2\UFDisk Format Tool2\iFormat2.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    C:\PROGRA~1\Intuwave\Shared\MROUTE~1\MRB39E~1.EXE
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://10.52.57.240:8080
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AeXAgentLogon] C:\Program Files\Altiris\Altiris Agent\AeXAgentActivate.exe /logon
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [GFRShortcut] "C:\Program Files\GoFileRoom\Common Files\GFRShortcut.exe"
    O4 - HKLM\..\Run: [GFRPrinter] "C:\Program Files\GoFileRoom\PrintToGoFileRoom\PrintDriver\GoFileRoomPrinter.exe" -install
    O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
    O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'Default user')
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: iFormat2.lnk = C:\Program Files\UFDisk Format Tool2\UFDisk Format Tool2\iFormat2.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: SabStart.lnk = C:\Program Files\Csapi\Print32\Sabstart.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {654B32A7-3103-4F58-B3AE-2D847520C2BE} (GFRCheckBrowser.clsGetVersion) - https://workflow.onesourcetax.com/GFRCheckBrowser.dll
    O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://vpn.awacompass.com/dana-cached/setup/JuniperSet...
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lcc.usairways.com
    O17 - HKLM\Software\..\Telephony: DomainName = lcc.usairways.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lcc.usairways.com
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: AMINIT.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Altiris Agent (AeXNSClient) - Altiris, Inc. - C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Altiris Carbon Copy (CarbonCopy32) - Altiris - C:\WINDOWS\system32\ccsrvc.exe
    O23 - Service: DB2 Management Service (DB2COPY1) (DB2MGMTSVC_DB2COPY1) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2mgmtsvc.exe
    O23 - Service: DB2 Security Server (DB2COPY1) (DB2NTSECSERVER_DB2COPY1) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
    O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: Sabre Print (SabrePrint) - Sabre Inc. - C:\Program Files\Csapi\Print32\OADP.EXE

    --
    End of file - 12262 bytes
    23 Octobre 2008 21:02:31

    Oui toujours le meme probleme ; Window live messenger ne se lance pas et l'icone disparait . Voici le rapport Antivir.
    Avira AntiVir Personal
    Report file date: Thursday, October 23, 2008 19:23

    Scanning for 1369550 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: 51521CDGACL01

    Version information:
    BUILD.DAT : 8.2.0.334 16933 Bytes 10/16/2008 14:55:00
    AVSCAN.EXE : 8.1.4.7 315649 Bytes 6/26/2008 08:57:53
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/26/2008 07:56:40
    LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 12:44:19
    LUKERES.DLL : 8.1.4.0 12033 Bytes 5/26/2008 07:58:52
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 10:33:34
    ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 6/24/2008 13:54:15
    ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 6/30/2008 05:20:53
    ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 6/30/2008 09:24:47
    Engineversion : 8.2.0.4
    AEVDF.DLL : 8.1.0.6 102772 Bytes 10/14/2008 10:05:56
    AESCRIPT.DLL : 8.1.1.8 319866 Bytes 10/16/2008 11:43:34
    AESCN.DLL : 8.1.1.3 123252 Bytes 10/14/2008 10:05:56
    AERDL.DLL : 8.1.1.2 438644 Bytes 9/12/2008 06:06:02
    AEPACK.DLL : 8.1.2.4 369014 Bytes 10/14/2008 10:05:56
    AEOFFICE.DLL : 8.1.0.28 196987 Bytes 10/14/2008 10:05:56
    AEHEUR.DLL : 8.1.0.59 1438071 Bytes 9/18/2008 09:07:50
    AEHELP.DLL : 8.1.1.2 115062 Bytes 10/14/2008 10:05:56
    AEGEN.DLL : 8.1.0.41 319861 Bytes 10/14/2008 10:05:56
    AEEMU.DLL : 8.1.0.9 393588 Bytes 10/14/2008 10:05:56
    AECORE.DLL : 8.1.2.6 172406 Bytes 10/14/2008 10:05:56
    AEBB.DLL : 8.1.0.3 53618 Bytes 10/14/2008 10:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/9/2008 08:40:05
    AVPREF.DLL : 8.0.2.0 38657 Bytes 5/16/2008 09:28:01
    AVREP.DLL : 7.0.0.1 155688 Bytes 6/30/2008 14:35:20
    AVREG.DLL : 8.0.0.1 33537 Bytes 5/9/2008 11:26:40
    AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 12:27:49
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 12:49:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 13:48:07
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 13:34:37

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: Thursday, October 23, 2008 19:23

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'Ymsgr_tray.exe' - '1' Module(s) have been scanned
    Scan process 'mRouterWidCommSupport143.exe' - '1' Module(s) have been scanned
    Scan process 'NkbMonitor.exe' - '1' Module(s) have been scanned
    Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned
    Scan process 'iFormat2.exe' - '1' Module(s) have been scanned
    Scan process 'BTTray.exe' - '1' Module(s) have been scanned
    Scan process 'AcroTray.exe' - '1' Module(s) have been scanned
    Scan process 'mRouterRuntime.exe' - '1' Module(s) have been scanned
    Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
    Scan process 'mRouterConfig.exe' - '1' Module(s) have been scanned
    Scan process 'ISUSPM.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'Mctray.exe' - '1' Module(s) have been scanned
    Scan process 'kmw_run.exe' - '1' Module(s) have been scanned
    Scan process 'UdaterUI.exe' - '1' Module(s) have been scanned
    Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
    Scan process 'QLBCTRL.exe' - '1' Module(s) have been scanned
    Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
    Scan process 'Client.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
    Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'naPrdMgr.exe' - '1' Module(s) have been scanned
    Scan process 'hpqwmiex.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'MDM.EXE' - '1' Module(s) have been scanned
    Scan process 'FrameworkService.exe' - '1' Module(s) have been scanned
    Scan process 'dsNcService.exe' - '1' Module(s) have been scanned
    Scan process 'db2sec.exe' - '1' Module(s) have been scanned
    Scan process 'ShellKer.exe' - '1' Module(s) have been scanned
    Scan process 'CCSRVC.exe' - '1' Module(s) have been scanned
    Scan process 'btwdins.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'AeXNSAgent.exe' - '1' Module(s) have been scanned
    Scan process 'aawservice.exe' - '1' Module(s) have been scanned
    Scan process 'scardsvr.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    59 processes with 59 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '73' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\u48849\Local Settings\Temporary Internet Files\Content.IE5\0DE705M3\wbk25A.tmp
    [DETECTION] Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus
    [NOTE] The file was moved to '496bb5fb.qua'!
    C:\Documents and Settings\u48849\Local Settings\Temporary Internet Files\Content.IE5\0DE705M3\wbk26C.tmp
    [DETECTION] Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus
    [NOTE] The file was moved to '496bb5fc.qua'!
    C:\Documents and Settings\u48849\Local Settings\Temporary Internet Files\Content.IE5\17Z5N57K\wbk161.tmp
    [DETECTION] Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus
    [NOTE] The file was moved to '496bb60f.qua'!
    C:\Documents and Settings\u48849\Local Settings\Temporary Internet Files\Content.IE5\17Z5N57K\wbk167.tmp
    [DETECTION] Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus
    [NOTE] The file was moved to '4861d1e8.qua'!
    C:\Documents and Settings\u48849\Local Settings\Temporary Internet Files\Content.IE5\CDY7C1A7\wbk139.tmp
    [DETECTION] Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus
    [NOTE] The file was moved to '496bb671.qua'!
    C:\Documents and Settings\u48849\Local Settings\Temporary Internet Files\Content.IE5\CDY7C1A7\wbk151.tmp
    [DETECTION] Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus
    [NOTE] The file was moved to '496bb672.qua'!
    C:\Documents and Settings\u48849\Local Settings\Temporary Internet Files\Content.IE5\CDY7C1A7\wbkCE.tmp
    [DETECTION] Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus
    [NOTE] The file was moved to '496bb680.qua'!
    C:\Documents and Settings\u48849\Local Settings\Temporary Internet Files\Content.IE5\W3NHMBWX\wbk14F.tmp
    [DETECTION] Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus
    [NOTE] The file was moved to '496bb68f.qua'!
    C:\System Volume Information\_restore{1412D243-E939-4990-BF71-AE9137910458}\RP1\A0011288.exe
    [DETECTION] Contains recognition pattern of the DR/MartShop.2 dropper
    [NOTE] The file was moved to '4930bbfe.qua'!
    C:\System Volume Information\_restore{1412D243-E939-4990-BF71-AE9137910458}\RP1\A0040034.exe
    [DETECTION] Contains recognition pattern of the DR/180Solutions.BJ.4 dropper
    [NOTE] The file was moved to '4930bcd3.qua'!
    C:\ToolBar SD\Backup-TB\Program Files\SmartShopper\Uninst.exe
    [DETECTION] Contains recognition pattern of the DR/MartShop.2 dropper
    [NOTE] The file was moved to '4969c1d8.qua'!


    End of the scan: Thursday, October 23, 2008 20:33
    Used time: 1:10:01 Hour(s)

    The scan has been done completely.

    11233 Scanning directories
    520120 Files were scanned
    11 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    11 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    520108 Files not concerned
    4029 Archives were scanned
    1 Warnings
    11 Notes

    a b 8 Sécurité
    24 Octobre 2008 17:42:24

    Reposte un rapport Hijackthis.
    24 Octobre 2008 18:45:41

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:45:11 PM, on 10/24/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\System32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\ccsrvc.exe
    C:\Program Files\Altiris\Carbon Copy\shellker.exe
    C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
    C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Altiris\CARBON~1\client.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\McAfee\Common Framework\UdaterUI.exe
    C:\WINDOWS\system32\kmw_run.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
    C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
    C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
    C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\UFDisk Format Tool2\UFDisk Format Tool2\iFormat2.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    C:\PROGRA~1\Intuwave\Shared\MROUTE~1\MRB39E~1.EXE
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://10.52.57.240:8080
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AeXAgentLogon] C:\Program Files\Altiris\Altiris Agent\AeXAgentActivate.exe /logon
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [GFRShortcut] "C:\Program Files\GoFileRoom\Common Files\GFRShortcut.exe"
    O4 - HKLM\..\Run: [GFRPrinter] "C:\Program Files\GoFileRoom\PrintToGoFileRoom\PrintDriver\GoFileRoomPrinter.exe" -install
    O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
    O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'Default user')
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: iFormat2.lnk = C:\Program Files\UFDisk Format Tool2\UFDisk Format Tool2\iFormat2.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: SabStart.lnk = C:\Program Files\Csapi\Print32\Sabstart.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {654B32A7-3103-4F58-B3AE-2D847520C2BE} (GFRCheckBrowser.clsGetVersion) - https://workflow.onesourcetax.com/GFRCheckBrowser.dll
    O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://vpn.awacompass.com/dana-cached/setup/JuniperSet...
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lcc.usairways.com
    O17 - HKLM\Software\..\Telephony: DomainName = lcc.usairways.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lcc.usairways.com
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: AMINIT.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Altiris Agent (AeXNSClient) - Altiris, Inc. - C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Altiris Carbon Copy (CarbonCopy32) - Altiris - C:\WINDOWS\system32\ccsrvc.exe
    O23 - Service: DB2 Management Service (DB2COPY1) (DB2MGMTSVC_DB2COPY1) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2mgmtsvc.exe
    O23 - Service: DB2 Security Server (DB2COPY1) (DB2NTSECSERVER_DB2COPY1) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
    O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: Sabre Print (SabrePrint) - Sabre Inc. - C:\Program Files\Csapi\Print32\OADP.EXE

    --
    End of file - 12129 bytes
    a b 8 Sécurité
    24 Octobre 2008 20:18:07

    Encore des soucis ?
    25 Octobre 2008 05:17:42

    toujours impossible de lancer le msn. ai désinstallé réinstallé ... mais toujours rien.
    a b 8 Sécurité
    25 Octobre 2008 11:50:14

    Pas lié à l'infection je pense.
    28 Octobre 2008 15:21:14

    Une derniere piste pourrait vous aider. Il m'a semblé que depuis un hotel ou j'ai demandé la connection internet dans la chambre, un logiciel ai été installé qui m'interdisait pas mal d'acces à des pages web ainsi qu'à l'ouverture de msn ... Merci de toute votre aide .
    a b 8 Sécurité
    28 Octobre 2008 16:51:06

    Euh j'en sais rien là, à voir avec l'hôtel
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS