Votre question

Pub automatique avec wlm [Résolu]

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
18 Décembre 2007 19:22:10

Bonsoir ,
Voici mon problème : à chaque fois que je me connecte à Windows live messenger mes contacts reçoivent ceci comme message : Pub auto : --édité par Angeldark-- ! Tchat gratuit.
Comment faire pour ne plus envoyer ce genre de message à mes contacts ? :??: 
merci pour toute réponse :D 

Autres pages sur : pub automatique wlm resolu

18 Décembre 2007 20:45:53

Voici le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:02, on 18/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} (Java Plug-in 1.5.0_08) -
O18 - Protocol: bw+0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - c:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

--
End of file - 20080 bytes
C'est bon ?
Contenus similaires
a b 8 Sécurité
18 Décembre 2007 20:53:55

Re,

Télécharge MSNFix.zip ([#ff0000]!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).

Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.

[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]

Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log
18 Décembre 2007 21:27:22

Voici le rapport d'msn fix :
MSNFix 1.605

C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\MSNFix
Fix exécuté le 18/12/2007 - 21:29:34,89 By charles
mode normal

************************ Recherche les fichiers présents

Aucun Fichier trouvé

************************ Recherche les dossiers présents

... C:\Temp\




************************ Suppression des fichiers



************************ Suppression des dossiers

.. OK ... C:\Temp\


************************ Nettoyage du registre



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\OneCareSupportData.zip] 4F1F9DF0CE0EB5DBD2A46D38FA226F13

==> SVP merci d'envoyer le fichier C:\DOCUME~1\CHARLE~1.CHA\Bureau\Upload_Me.zip sur http://upload.changelog.fr



Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 18122007_21323806.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

a b 8 Sécurité
18 Décembre 2007 21:29:17

Re,

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

&

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic
18 Décembre 2007 22:19:24

C'est bon , j'ai désinstaller avast et j'ai installé antivir
18 Décembre 2007 23:33:32

Voilà le rapport d'Antivir :

AntiVir PersonalEdition Classic
Report file date: mardi 18 décembre 2007 22:26

Scanning for 980737 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: CHARLES-C9F5736

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 21:23:27
ANTIVIR2.VDF : 7.0.1.96 2048 Bytes 14/12/2007 21:23:27
ANTIVIR3.VDF : 7.0.1.118 110592 Bytes 18/12/2007 21:23:27
AVEWIN32.DLL : 7.6.0.45 3084800 Bytes 18/12/2007 21:23:29
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 18 décembre 2007 22:26

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'soundman.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
25 processes with 25 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '25' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\w810i\Flashing avec far et xs++.rar
[0] Archive type: RAR
--> Flashing avec far et xs ++\FarManager170\Plugins\SEFP\sefp0.10.0.51patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\w810i\Packw810(2).zip
[0] Archive type: ZIP
--> XS++ et FAR/FarManager170/Plugins/SEFP/sefp0.10.0.51patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\w810i\Packw810.zip
[0] Archive type: ZIP
--> XS++ et FAR/FarManager170/Plugins/SEFP/sefp0.10.0.51patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\w810i\Flashing avec far et xs ++\FarManager170\Plugins\SEFP\sefp0.10.0.51patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP432\A0591309.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d44ee.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP432\A0591315.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4527.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP432\A0591397.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4532.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0591421.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d453a.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0591434.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d453e.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0592434.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4543.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0593434.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4548.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0593449.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d454c.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP434\A0593468.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4553.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP434\A0594468.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4558.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP434\A0594495.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d455d.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP434\A0594511.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4564.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP435\A0594524.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d456b.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP435\A0595524.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4571.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP435\A0596524.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d4577.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0596816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d4585.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0597816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d458b.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0598816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d4591.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0599816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d4594.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0600816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e4597.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0601816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601830.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601880.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601921.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601934.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601950.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601966.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0601981.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602107.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602209.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45c7.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602221.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45c9.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602243.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45cb.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602260.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45cf.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602302.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45d3.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0603302.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45d5.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0603315.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45d8.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0603338.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45da.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0603356.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45dd.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP439\A0603378.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45e0.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP439\A0603396.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45e2.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP441\A0604396.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45e8.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP441\A0605396.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45eb.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Disque local>


End of the scan: mardi 18 décembre 2007 23:38
Used time: 1:11:56 min

The scan has been done completely.

12725 Scanning directories
452992 Files were scanned
46 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
27 files were deleted
0 files were repaired
33 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
452946 Files not concerned
6562 Archives were scanned
3 Warnings
72 Notes

a b 8 Sécurité
19 Décembre 2007 10:47:03

J'ai mis deux fois la même chose hier :D 

[#ff0000]CECI EST UNE ETAPE IMPORTANTE A REALISER ![/#f]
Upload l'archive Upload_Me.zip contenant les fichiers suspects afin de développer l'outil MSNFix.
AIDE : Upload des fichiers supects pour MSNFix

Reposte un rapport Hijackthis.
19 Décembre 2007 13:25:10

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:31:55, on 19/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} (Java Plug-in 1.5.0_08) -
O18 - Protocol: bw+0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - c:\Program Files\Ares\chatServer.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

--
End of file - 19767 bytes
a b 8 Sécurité
19 Décembre 2007 13:34:59

Re,

Fix la ligne dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - (no file)
19 Décembre 2007 13:49:48

C'est bon , C'est fait
a b 8 Sécurité
19 Décembre 2007 14:00:56

Encore des soucis ?
19 Décembre 2007 14:06:09

J'vé me connecter pour voir et j'vous tiens au courant *
a b 8 Sécurité
19 Décembre 2007 14:07:38

Ok ;) 
24 Décembre 2007 08:47:18

C'est bon c'est réglé !!! J'ai mis du temps à répondre ( désoler ) parce que quelque contact le recevait encore *
Merci pour tout *
a b 8 Sécurité
24 Décembre 2007 12:07:36

Bonnes fêtes !

  • Télécharge ToolsCleaner sur ton Bureau.
  • Clique sur Recherche et laisse le scan se terminer.
  • Clique sur Suppression pour finaliser.
  • Clique sur Quitter, pour que le rapport puisse se créer.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

    Désactive puis réactive la restauration du système : Voir aide

    Ajoute maintenant [Résolu] au titre. Pour cela :
    * Clique, dans ton premier message, sur le bouton "Editer"
    * Rajoute la mention [Résolu] au titre
    * Clique ensuite sur "Valider votre message"

    Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :

    26 Décembre 2007 18:00:26

    Voila
    -->- Recherche:

    C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\HijackThis.exe: trouvé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\MsnFix: trouvé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\Divers\HijackThis: trouvé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\Divers\hijackthis\HijackThis.exe: trouvé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Recent\MSNFix.lnk: trouvé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Recent\HijackThis.lnk: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\HijackThis.exe: supprimé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\Divers\hijackthis\HijackThis.exe: supprimé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Recent\MSNFix.lnk: supprimé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Recent\HijackThis.lnk: supprimé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\MsnFix: supprimé !
    C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\Divers\HijackThis: supprimé !
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS