[resolved] HijackThis log: drive cleaner, look2me, and other spyware

26 December 2006 11:53:10

Hello everyone,

My PC apparently has serious problems: I get lots of ad windows popping up all the time, and there is also a program, Drive Cleaner, that keeps trying to install itself.

I have already run Ad-Aware and Spybot; both of them detected viruses, yet I still have some small problems.

Here is my HijackThis log, if anyone can help me!!

Logfile of HijackThis v1.99.1
Scan saved at 11:46:09, on 26/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\IMAP\Bureau\antispy\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.boursorama.com/portefeuille/portefeuille.pht...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe" /min
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O20 - Winlogon Notify: MS-DOS Emulation - C:\WINDOWS\system32\hr0u05d9e.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Thank you all for your help

26 December 2006 12:19:47

Hello,

Let's start with the Look2me infection.

Please print these instructions, or paste them into a text file, so you can read them during this fix. Read the note at the bottom carefully before you begin.

Download Look2Me-Destroyer.exe (by Atribune) to your Desktop.
  • Close all active windows before moving on to the next step.
  • Double-click Look2Me-Destroyer.exe to launch the tool.
  • Check Run this program as a task
  • A message will appear, telling you: "Look2Me-Destroyer will close and re-open in approximately 1 minute". Click OK
  • It will relaunch after the minute; then click the Scan for L2M button. Your Desktop icons will disappear: this is normal.
  • When the scan finishes, click the Remove L2M button
  • A Done Scanning message will appear; click OK.
  • A new message will appear: Done removing infected files! Look2Me-Destroyer will now shutdown your computer; click OK.
  • Your PC will now shut down.
  • Start your PC normally.
  • Paste the generated report (Look2Me-Destroyer.txt), located on the Desktop, along with a new HijackThis! report in your next reply.

    ** If Look2Me-Destroyer does not relaunch automatically after the minute, restart and try again.
    26 December 2006 14:00:28

    Thank you for replying to me.

    My logs:


    Look2Me-Destroyer V1.0.12

    Scanning for infected files.....
    Scan started at 26/12/2006 13:54:24

    Attempting to delete infected files...

    Making registry repairs.

    Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IPConfTSP

    Restoring Windows certificates.

    Replaced hosts file with default windows hosts file


    Restoring SeDebugPrivilege for Administrateurs - Succeeded


    hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 14:00:49, on 26/12/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\progra~1\softwin\bitdef~1\bdmcon.exe
    C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
    C:\progra~1\softwin\bitdef~1\bdnagent.exe
    C:\progra~1\softwin\bitdef~1\bdswitch.exe
    C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\IMAP\Bureau\antispy\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.boursorama.com/portefeuille/portefeuille.pht...
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "C:\progra~1\softwin\bitdef~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"
    O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe" /min
    O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
    O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O18 - Protocol: bw+0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {C499FCA8-07F5-4340-BA7C-953EA11876F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    26 December 2006 14:02:43

    Let's continue:

  • Download combofix.exe (by sUBs) to your Desktop
  • Double-click combofix.exe.
  • Press the Y (Yes) key to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply.

    NOTE: The report can also be found here: C:\Combofix.txt

    Download Blacklight (F-Secure), click " I ACCEPT " at the bottom of the page:
    Click the first " Download " to download the program
    Save it to your Desktop
    Double-click blbeta.exe and accept the license; click Scan then Next.

    When the scan finishes, DO NOT TOUCH ANYTHING!

    You will see a report on your Desktop named fsbl.xxxxxxx.log (the xxxxxxx are digits).
    We need to analyze this report, so close BlackLight.

    Post the report on the forum.

    HELP: BlackLight tutorial (Malekal)
    26 December 2006 14:17:05

    combofix log

    IMAP - 06-12-26 14:07:46,82 Service Pack 2
    ComboFix 06.11.27 - Running from: "C:\Documents and Settings\IMAP\Bureau"

    ((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))
    C:\WINDOWS\system32\MWUNI10.DLL
    C:\WINDOWS\system32\WNNSKFR.DLL


    Granting sedebugprivilege to Administrateurs ... successful


    ((((((((((((((((((((((((((((((( Files Created from 2006-11-26 to 2006-12-26 ))))))))))))))))))))))))))))))))))


    2006-12-26 14:01 <REP> d-------- C:\Program Files\RegCleaner
    2006-12-26 11:36 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2006-12-26 10:52 <REP> d-------- C:\Documents and Settings\IMAP\Application Data\DriveCleaner 2006 Free
    2006-12-26 09:42 <REP> d-------- C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
    2006-12-25 16:38 <REP> d-------- C:\Program Files\MSXML 4.0
    2006-12-25 16:38 <REP> d-------- C:\6166fa52c6c39a237b25
    2006-12-25 16:17 <REP> d--hs---- C:\FOUND.006


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-12-07 07:40 2362184 --a------ C:\WINDOWS\system32\wmvcore.dll
    2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
    2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
    2006-10-20 02:38 716800 --a------ C:\WINDOWS\system32\sxs.dll
    2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "BDMCon"="c:\\progra~1\\softwin\\bitdef~1\\bdmcon.exe"
    "BDOESRV"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdoesrv.exe\""
    "BDNewsAgent"="\"C:\\progra~1\\softwin\\bitdef~1\\bdnagent.exe\""
    "BDSwitchAgent"="\"C:\\progra~1\\softwin\\bitdef~1\\bdswitch.exe\""
    "DriveCleaner 2006 Free"="\"C:\\Program Files\\DriveCleaner 2006 Free\\UDC2006.exe\" /min"
    "SDR6V_Check"="\"C:\\Program Files\\Fichiers communs\\DriveCleaner 2006 Free\\SDRmon.exe\""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "NoChange"="1"
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000004

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BitDefender Live!.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\BitDefender Live!.lnk"
    "backup"="C:\\WINDOWS\\pss\\BitDefender Live!.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\FICHIE~1\\Softwin\\Live\\avxlive.exe /back"
    "item"="BitDefender Live!"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Corel Family & Friends Reminders.LNK]
    "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Corel Family & Friends Reminders.LNK"
    "backup"="C:\\WINDOWS\\pss\\Corel Family & Friends Reminders.LNKCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\Corel\\PRINTH~1\\cffrem.exe "
    "item"="Corel Family & Friends Reminders"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^EuroThink Agenda.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\EuroThink Agenda.lnk"
    "backup"="C:\\WINDOWS\\pss\\EuroThink Agenda.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\EUROTH~1\\Agenda\\Agenda.exe "
    "item"="EuroThink Agenda"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Logitech Desktop Messenger.lnk"
    "backup"="C:\\WINDOWS\\pss\\Logitech Desktop Messenger.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\Logitech\\DESKTO~1\\8876480\\Program\\LDMConf.exe /start"
    "item"="Logitech Desktop Messenger"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Microsoft Office.lnk"
    "backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\MICROS~2\\Office\\OSA9.EXE -b -l"
    "item"="Microsoft Office"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Murphy Shield.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Murphy Shield.lnk"
    "backup"="C:\\WINDOWS\\pss\\Murphy Shield.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\SOFTWIN\\BDProf\\mgui.exe "
    "item"="Murphy Shield"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Supervision de Photo Loader.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Supervision de Photo Loader.lnk"
    "backup"="C:\\WINDOWS\\pss\\Supervision de Photo Loader.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\Kodak\\Plauto.exe "
    "item"="Supervision de Photo Loader"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="F_LCON~1"
    "hkey"="HKCU"
    "command"="C:\\PROGRA~1\\FUSION~1\\F_LCON~1.exe -debut"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Apoint"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Apoint2K\\Apoint.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDSwitchAgent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="bdswitch"
    "hkey"="HKLM"
    "command"="\"C:\\progra~1\\softwin\\bitdef~1\\bdswitch.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ctfmon"
    "hkey"="HKCU"
    "command"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gimmysmileys]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="gimmysmileys1"
    "hkey"="HKLM"
    "command"="C:\\\\gimmysmileys1.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\keyboard]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="keyboard1"
    "hkey"="HKLM"
    "command"="C:\\\\keyboard1.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Alaunch"
    "hkey"="HKLM"
    "command"="Alaunch"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="LogitechDesktopMessenger"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="QtaET2S"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\LAUNCH~1\\QtaET2S.EXE"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Logi_MwX"
    "hkey"="HKLM"
    "command"="Logi_MwX.Exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mousepad]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="mousepad1"
    "hkey"="HKLM"
    "command"="C:\\\\mousepad1.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NBJ"
    "hkey"="HKCU"
    "command"="\"C:\\Documents and Settings\\IMAP\\Bureau\\documents BEN\\Nero BackItUp\\NBJ.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quru]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="qurum"
    "hkey"="HKCU"
    "command"="C:\\PROGRA~1\\FICHIE~1\\quru\\qurum.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shell]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ibm00001"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\ibm00001.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="mobsync"
    "hkey"="HKLM"
    "command"="%SystemRoot%\\system32\\mobsync.exe /logon"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="WinVNC"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\RealVNC\\WinVNC\\WinVNC.exe\" -servicehelper"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WooCnxMon]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="CnxMon"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\WANADOO\\CnxMon.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="TaskbarIcon"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\WANADOO\\TaskbarIcon.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Watch"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\WANADOO\\Watch.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    Completion time: 06-12-26 14:09:34.65
    C:\ComboFix.txt ... 06-12-26 14:09

    blacklight


    12/26/06 14:15:45 [Info]: BlackLight Engine 1.0.47 initialized
    12/26/06 14:15:45 [Info]: OS: 5.1 build 2600 (Service Pack 2)
    12/26/06 14:15:45 [Note]: 7019 4
    12/26/06 14:15:45 [Note]: 7005 0
    12/26/06 14:15:48 [Note]: 7006 0
    12/26/06 14:15:48 [Note]: 7011 1520
    12/26/06 14:15:48 [Note]: 7026 0
    12/26/06 14:15:48 [Note]: 7026 0
    12/26/06 14:15:52 [Note]: FSRAW library version 1.7.1020
    12/26/06 14:16:24 [Note]: 2000 1012
    12/26/06 14:16:24 [Note]: 2000 1012
    12/26/06 14:17:07 [Note]: 7007 0


    thanks again
    26 December 2006 14:28:18

    Re,

    Now we move on to DriveCleaner.

    The steps must be carried out without interruption and in order.
    If you don't understand something, ask for an explanation before starting.


    Save this page so you can access the procedure in Safe Mode:
    - File
    - Save As...
    - File name: Procedure
    - Type: Web Page, complete
    - For the location, choose your Desktop
    - Now click Save

    Download:

    Brute Force Uninstaller (by Merijn).
    Create a new folder directly on C:\ and name it BFU. Extract the downloaded file into this new folder (C:\BFU)

    RIGHT-CLICK HERE and choose "Save link target as..." to download Winsoftware.bfu (by Metallica). Save it in the folder you created (C:\BFU).
    You should now have two files in the C:\BFU folder: Winsoftware.bfu and BFU.exe (very important).

    Note: If you use Internet Explorer, when saving, make sure the "Type:" field shows "All Files".

    HELP: How to install and use BFU?

    Restart in Safe Mode: on restart, immediately tap the F8 key repeatedly; you will see a screen with startup options appear. Using the keyboard arrow keys, choose "Safe Mode" and confirm with "Enter". Choose your usual account, not Administrator.

    Start "Brute Force Uninstaller" by double-clicking BFU.exe (in the C:\BFU folder)

    - Click the small yellow folder to the right of the Scriptline to execute box, and double-click:

    Winsoftware.bfu

    - In the "Scriptline to execute" box, you should now see this: C:\BFU\Winsoftware.bfu

    Click Execute and let it do its work.

    Wait for Complete script execution to appear before clicking OK.
    Click Exit to close the BFU program.

    Restart normally.

    Post the HijackThis report.
    26 Décembre 2006 14:43:36

    voila le log

    Logfile of HijackThis v1.99.1
    Scan saved at 14:43:58, on 26/12/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\progra~1\softwin\bitdef~1\bdmcon.exe
    C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
    C:\progra~1\softwin\bitdef~1\bdnagent.exe
    C:\progra~1\softwin\bitdef~1\bdswitch.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\IMAP\Bureau\antispy\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.boursorama.com/portefeuille/portefeuille.pht...
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "C:\progra~1\softwin\bitdef~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    26 December 2006 14:44:36

    It worked :)

    HijackThis log is clean.

    -- Run a Kaspersky online scan:
    - Scan My Computer
    - Save the report at the end of the scan, then paste it here
    HELP: Demonstration in pictures..

    If this message appears:
    "La licence de Kaspersky On-line Scanner est périmée"
    Go to Add/Remove Programs to uninstall the Online Scanner
    Then try the scan again.
    26 December 2006 15:52:38

    with BitDefender, I hope that will do


    //-----------------------------------------------------------------
    //
    // Produit BitDefender Antivirus Plus v10
    // Produit 10.0
    //
    // Créé le: 26/12/2006 15:36:58
    //
    //-----------------------------------------------------------------


    Statistiques

    Chemin cible: C:\
    D:\
    Dossiers : 2210
    Fichiers : 16004
    Processus Mémoire analysés : 4
    Archives : 4
    Fichiers enpaquetés : 724
    Virus trouvés : 6
    Fichiers infectés : 42
    Processus Mémoire infectés : 0
    Fichiers suspects : 0
    Alertes : 0
    Fichiers désinfectés : 0
    Fichiers effacés : 37
    Fichiers déplacés : 5
    Erreurs I/O : 8
    Temps d'analyse :=00:10:41
    Fichiers/seconde :24

    Statistiques Spywares

    Registres analysés : 1642
    Registres infectés : 0
    Cookies analysés : 18
    Cookies infectés : 0
    Fichiers spyware infectés : 0
    Menaces Spyware détectées : 0


    Définitions virus : 385888
    Plugins d'analyse : 16
    Plugins archives : 41
    Plug-ins décompression : 6
    Plug-ins messagerie : 6
    Plug-ins système : 5

    Options d'analyse

    Détection
    [X] Analyser le secteur de boot
    [X] Processus mémoire
    [ ] Analyser les archives
    [X] Analyser les fichiers enpaquetés
    [X] Analyser la messagerie

    Masque fichiers
    [X] Programmes
    [ ] Tous les fichiers
    [ ] Extensions définies par l'utilisateur:
    [ ] Exclure les extensions: ;

    Action

    Objets infectés
    [ ] Ignorer
    [X] Désinfecter
    [ ] Effacer
    [ ] Mettre en quarantaine
    [ ] Demander l'action

    Seconde action
    [ ] Ignorer
    [ ] Effacer
    [X] Mettre en quarantaine
    [ ] Demander l'action

    Options d'analyse
    [X] Activer les alertes
    [ ] Activer l'heuristique
    [ ] Afficher tous les fichiers dans le journal
    [X] Fichier journal: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1167143818.log

    Options d'analyse Spyware

    [X] Analyse contre les risques non-viraux
    [ ] Ecarter de l'analyse les dialers et les applications
    [X] Clés de registres
    [X] Cookies


    Résumé:

    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP429\A0123606.exe Infecté: Trojan.Fakealert.FB
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP429\A0123606.exe Désinfection impossible
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP429\A0123606.exe Déplacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP429\A0123609.DLL Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP429\A0123609.DLL Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP429\A0123613.exe Détecté: Adware.Zesty.C
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP429\A0123613.exe Désinfection impossible
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP429\A0123613.exe Déplacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123670.exe Détecté: Adware.WinAntiVirus.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123670.exe Désinfection impossible
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123670.exe Déplacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123671.exe Détecté: Adware.Maxifiles.B
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123671.exe Désinfection impossible
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123671.exe Déplacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123697.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123697.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123698.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123698.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123699.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123699.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123700.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123700.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123701.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123701.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123702.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123702.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123703.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123703.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123704.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123704.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123705.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123705.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123706.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123706.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123707.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123707.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123708.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123708.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123709.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123709.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123710.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123710.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123711.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123711.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123712.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123712.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123713.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123713.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123714.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123714.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123715.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123715.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123716.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123716.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123717.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123717.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123718.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123718.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123719.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123719.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123720.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123720.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123721.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123721.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123722.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123722.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123723.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123723.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123724.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123724.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123725.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123725.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123726.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123726.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123727.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123727.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123728.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123728.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123729.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123729.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123730.dll Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP430\A0123730.dll Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP432\A0125357.DLL Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP432\A0125357.DLL Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP432\A0125358.DLL Détecté: Adware.Dinky.A
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP432\A0125358.DLL Effacé
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP435\A0126043.exe Infecté: Trojan.Downloader.Winfixer.E
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP435\A0126043.exe Désinfection impossible
    C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP435\A0126043.exe Déplacé
    26 December 2006 16:03:28

    Disable then re-enable System Restore.
    Any other problems?
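
Every file in the BitDefender summary above sits under `System Volume Information\_restore{...}`, the folder where Windows XP System Restore keeps its snapshots, which is why purging the restore points is the remaining step. The sketch below is an added example, not part of the thread: it parses lines in that summary format and reports whether any detection lies outside a restore point or was left neither deleted nor quarantined. The sample lines are constructed (placeholder GUID and file names) and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the report's "Résumé" format; GUID and file names are placeholders.
SAMPLE = r"""
C:\System Volume Information\_restore{GUID-PLACEHOLDER}\RP429\A0000001.exe Infecté: Trojan.Fakealert.FB
C:\System Volume Information\_restore{GUID-PLACEHOLDER}\RP429\A0000001.exe Désinfection impossible
C:\System Volume Information\_restore{GUID-PLACEHOLDER}\RP429\A0000001.exe Déplacé
C:\System Volume Information\_restore{GUID-PLACEHOLDER}\RP430\A0000002.dll Détecté: Adware.Dinky.A
C:\System Volume Information\_restore{GUID-PLACEHOLDER}\RP430\A0000002.dll Effacé
C:\WINDOWS\system32\example.dll Détecté: Adware.Dinky.A
C:\WINDOWS\system32\example.dll Désinfection impossible
"""

# A line is "<path> <status>"; paths contain spaces, so match on the status suffix.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?:(?:Infecté|Détecté): (?P<threat>\S+)"
    r"|(?P<action>Désinfection impossible|Effacé|Déplacé))\s*$"
)
# System Restore snapshots: <drive>:\System Volume Information\_restore{...}\RPnnn\
RESTORE_RE = re.compile(r"\\System Volume Information\\_restore\{[^}]*\}\\(RP\d+)\\", re.I)
REMOVED = {"Effacé", "Déplacé"}  # deleted, or moved to quarantine


def parse_report(text):
    """Group the per-file lines: path -> {'threat': name, 'actions': [...]}."""
    files = {}
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # header, statistics or blank line
        entry = files.setdefault(m["path"], {"threat": None, "actions": []})
        if m["threat"]:
            entry["threat"] = m["threat"]
        else:
            entry["actions"].append(m["action"])
    return files


def triage(text):
    """Summarise detections and decide whether only restore points are affected."""
    files = parse_report(text)
    per_rp, live, unresolved = Counter(), [], []
    for path, info in files.items():
        rp = RESTORE_RE.search(path)
        if rp:
            per_rp[rp.group(1)] += 1
        else:
            live.append(path)  # detection on the live file system
        if not REMOVED.intersection(info["actions"]):
            unresolved.append(path)  # neither deleted nor quarantined
    if not files:
        verdict = "no-detections"
    else:
        verdict = "live-files" if live else "restore-points-only"
    return {"files": len(files), "threats": Counter(i["threat"] for i in files.values()),
            "per_restore_point": per_rp, "live": live,
            "unresolved": unresolved, "verdict": verdict}


if __name__ == "__main__":
    print(triage(SAMPLE))
```

A `restore-points-only` verdict with an empty `unresolved` list matches the situation in the thread; a `live-files` verdict means the scan found something outside the snapshots and the cleanup is not finished.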
    26 December 2006 22:19:04

    sorry for the late reply
    but thank you very much for your help, no, I don't have any other problems
    thanks again
    27 December 2006 13:10:16

    Re,

    Edit your first message with then add (Résolu) to the title.

    Report your infection (Look2me) to get the authors convicted, that would be nice.
    Create a post on Malware-Complaints to help move things forward; there need to be as many of us as possible, so report your infection.
    HELP: How to report your infection on Malware-Complaints?

    See this page to keep these problems from coming back.

    :hello: 