Tom's Guide > Forum > Sécurité - Virus > C:\windows\system32\ywrnlu.exe RAPPORT HIJACKTHIS, Mode ss échec impos

C:\windows\system32\ywrnlu.exe RAPPORT HIJACKTHIS, Mode ss échec impos

Forum Sécurité - Virus : C:\windows\system32\ywrnlu.exe RAPPORT HIJACKTHIS, Mode ss échec impos

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
SaturneCatherine   17-11-2006 à 17:17:01

Bonsoir,

J'ai installé tantot le programme InternetGameBox. C'est un programme qu'on met pr jouer en ligne ..... Cependant, ce prog voulait accéder à ma base de registre alors j'ai dit à Kaspersky de le bloquer ... Jai donc supprimé le prog mais depuis, j'ai tt le temps cette alerte qui revient

16/11/2006 20:07:29 C:\windows\system32\ywrnlu.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ywrnlu c:\windows\system32\ywrnlu.exe ywrnlu Ligne Unicode terminée par zéro Création interdit

J'ai fait une analyse avec Kaspersky 6.0, avec Ccleaner, spybot, ad-aware mais ca continue ....

Comment puis je faire pr résoudre ce soucis svp ?

De plus, cette crasse ne me laisse mm plus redémarrer en mode sans échec frown.gif Il est écrit qu'un programme ou un new matériel pourrait etre à l'origine de ca et il me propose de redémarrer en mode normal ou selon la dernière bonne config mais si je refuse, il relance le pc en me remettant soit la mm chose qd je réessaie en F8 ou, si je ne fais rien, en mode normal ......

Voici mon rapport HijackThis

Logfile of HijackThis v1.99.1
Scan saved at 21:33:06, on 16/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\LVComsX.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Documents and Settings\Catherine\Bureau\SATURNE.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://coolbox.be/slk200
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: FortisCzPc - https://www.fortisbanking.be/FortisCzPC.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://download.macromedia.com/pub [...] tor/sw.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: bw+0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

Merci d'avance

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
SaturneCatherine   17-11-2006 à 18:20:03
- 0 +

J'ai fait une analyse avec Blacklight et voici le rapport ..... Ca parle du fameux ywrnlu.exe qui me tracasse justement ..... Que faire pr s'en débarrasser svp ?

Merci d'avance

11/17/06 18:10:32 [Info]: BlackLight Engine 1.0.47 initialized
11/17/06 18:10:32 [Info]: OS: 5.1 build 2600 (Service Pack 2)
11/17/06 18:10:32 [Note]: 7019 4
11/17/06 18:10:32 [Note]: 7005 0
11/17/06 18:10:36 [Note]: 7006 0
11/17/06 18:10:36 [Note]: 7011 2292
11/17/06 18:10:46 [Note]: 7026 0
11/17/06 18:10:46 [Note]: 7026 0
11/17/06 18:10:46 [Note]: 7024 3
11/17/06 18:10:46 [Info]: Hidden process: C:\windows\system32\ywrnlu.exe
11/17/06 18:10:46 [Note]: FSRAW library version 1.7.1020
11/17/06 18:12:55 [Info]: Hidden file: c:\WINDOWS\Prefetch\YWRNLU.EXE-357812E6.pf
11/17/06 18:12:55 [Note]: 10002 1
11/17/06 18:13:50 [Info]: Hidden file: c:\WINDOWS\system32\ywrnlu.dat
11/17/06 18:13:50 [Note]: 10002 1
11/17/06 18:13:50 [Info]: Hidden file: C:\windows\system32\ywrnlu.exe
11/17/06 18:13:50 [Note]: 10002 1
11/17/06 18:13:51 [Info]: Hidden file: c:\WINDOWS\system32\ywrnlu_nav.dat
11/17/06 18:13:51 [Note]: 10002 1
11/17/06 18:13:51 [Info]: Hidden file: c:\WINDOWS\system32\ywrnlu_navps.dat
11/17/06 18:13:51 [Note]: 10002 1
11/17/06 18:15:57 [Note]: 7007 0

Répondre à SaturneCatherine
Angeldark   17-11-2006 à 18:23:20
- 0 +

Bonjour,

Faire attention avec les gratuiciels (Freeware) sur les jeux.

Les manipulations sont à faire sans interruption et dans l'ordre
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.

Enregistre cette page pour avoir accès à la procédure en mode sans échec :
- Fichier
- Enregistrer Sous...
- Nom du fichier : Procédure
- Type : Page Web, complète
- Pour l'emplacement, chosis ton Bureau
- Clique maintenant sur Enregistrer

Télécharge :

Brute Force Uninstaller (de Merjin).
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)

Navipromo.zip et décompresse-le sur ton bureau.

FAIS UN CLIQUE-DROIT ICI et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde-le dans le dossier créé (C:\BFU).
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

Note : Si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers".

AIDE : Comment installer et utiliser BFU ?

Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

Lance le fichier Navipromo.bat qui se trouve sur ton bureau dans le dossier Navipromo. Sélectionne l'option "Recherche et suppression automatique" en tapant sur la touche R.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé.

Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

EGDACCESS.bfu

- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu

Clique sur Execute et laisse-le faire son travail.

Attends que Complete script execution apparaîsse pour cliquer sur OK.
Clique Exit pour fermer le programme BFU.

Redémarre normalement.

Poste les rapports :
- Hijackthis
- C:\egd.txt
- C:\Navipromo.txt

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
SaturneCatherine   17-11-2006 à 19:23:34
- 0 +

Merci pr ton aide mais entre temps, j'ai qqun qui m'a fait faire une analyse avec BlackLight et qui m'a fait renommer les 5 fichiers trouvés par BlackLight (voir rapport que j'ai collé plus haut) et j'ai donc pu les supprimer .... Penses-tu qu'il y ait autre chose à faire par sureté ou pas ? Est-ce que InternetGameBox pourrait avoir installé d'autres choses ?

JE N'ARRIVE CEPENDANT TOUJOURS PAS A DEMARRER EN MODE SANS ECHEC !!! Comment faire svp ?

Merci :)


Message édité par SaturneCatherine le 17-11-2006 à 19:30:19
Répondre à SaturneCatherine
Angeldark   17-11-2006 à 19:46:25
- 0 +

Il fallait pas les renommer :(
Fais quand même ce que j'ai dit.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
SaturneCatherine   17-11-2006 à 19:47:59
- 0 +

ho zut alors :s il me les a fait renommer puis supprimer :/

Ok, je vais faire ca ..... :)

Merci

Répondre à SaturneCatherine
SaturneCatherine   17-11-2006 à 19:49:54
- 0 +

Est ce que tu penses que je dois réinstaller InternetGameBox pr les récupérer avant de faire ta procédure ??


Message édité par SaturneCatherine le 17-11-2006 à 19:55:09
Répondre à SaturneCatherine
SaturneCatherine   17-11-2006 à 19:54:42
- 0 +

Angeldark a écrit :

No
On sait comment les retrouver.


Même si j'ai pensé vider ma corbeille ?

Répondre à SaturneCatherine
SaturneCatherine   17-11-2006 à 19:55:21
- 0 +

Mais j'y pense, comment pourrais je démarrer en mode sans échec comme tu le suggères si je ne sais plus démarrer en mode sans échec ? :/

Répondre à SaturneCatherine
Angeldark   17-11-2006 à 20:04:06
- 0 +

Je ne me rappelle plus si on peut le faire en mode normal...

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
SaturneCatherine   17-11-2006 à 20:45:45
- 0 +

Ok je vais essayer en mode normal qd j'aurai souper ;)

Par contre, pr la restauration système, il ne me laisse pas le faire non plus ... Il me met un message : "Restauration du système ne peut pas protéger votre ordinateur. Faites redémarrer votre ordinateur, puis relancez Restauration du système" mais qd je fais ce qu'il me dit, ca ne va pas et ds le panneau de config + système + restauration système, la case pr la désactiver n'est pas cochée ...

Répondre à SaturneCatherine
Angeldark   17-11-2006 à 20:46:48
- 0 +

Pas grave on va rétablir ton pc.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
SaturneCatherine   17-11-2006 à 21:53:40
- 0 +

Ce serait cool ca, de fait lol

Voilà, j'ai fait, en mode normal (vu que je ne sais plus faire ni restauration, ni démarrage en mode sans échec), tt ce que tu m'as demandé de faire et voici les rapports :

1. HijackThis

Logfile of HijackThis v1.99.1
Scan saved at 21:49:06, on 17/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Catherine\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://coolbox.be/slk200
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [ywrnlu] c:\windows\system32\ywrnlu.exe ywrnlu
O4 - HKCU\..\Run: [ywrnlu] c:\windows\system32\ywrnlu.exe ywrnlu
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: FortisCzPc - https://www.fortisbanking.be/FortisCzPC.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://download.macromedia.com/pub [...] tor/sw.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: bw+0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

2. egd.txt

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kav"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""
"ywrnlu"="c:\\windows\\system32\\ywrnlu.exe ywrnlu"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

3. Navipromo.txt

Rapport Navipromo.bat 0.5 effectué le ven. 17/11/2006 à 21:44:30,85

** Recherche...

Fin du rapport de recherche
Adware Navipromo non trouvé avec cette méthode


Voilààààààà, j'attends ton verdict pr que tt soit de nouveau sain et fonctionnel :) Merci d'avance

Répondre à SaturneCatherine
Angeldark   17-11-2006 à 21:57:52
- 0 +

Re,

Ouvre le Bloc-Notes et copie-colle les lignes en bleu ci-dessous :

RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ywrnlu
RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ywrnlu
FileDelete %SYSDIR%\ywrnlu_navps.dat
FileDelete %SYSDIR%\ywrnlu_nav.dat
FileDelete %SYSDIR%\ywrnlu.dat
FileDelete %SYSDIR%\ywrnlu.exe
FileDelete %WINDIR%\PREFETCH\ywrnlu.exe*.pf

SystemEmptyRecycleBin

FileDelete C:\egd.txt
SystemRun regedit|/e C:\egd.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"|0

OptionBFUExit

Sauvegarde dans le dossier créé (C:\BFU) (Nom du fichier : "Fixme.bfu " -sans inclure les guillemets- ; Type : Tous les fichiers).

Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

Fixme.bfu

Clique sur Execute et laisse-le faire son travail.

Redémarre normalement.

Poste les rapports situés ici :
C:\egd.txt
accompagné d'un rapport Hijackthis.

NOTE :

Si tu ne sais pas où trouver le Bloc-Notes, voici comment le trouver rapidement :
Démarrer-> Exécuter...-> Tape Notepad puis valide

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
SaturneCatherine   17-11-2006 à 22:05:28
- 0 +

Heuuuuuu ..... et le fait que j'ai supprimé les 78 documents qui s'étaient mis ds la poubelle, c pas grave ?

Tu me parles du mode sans échec mais je ne vais pas encore savoir puisque ce n'est pas résolu, si ??

Répondre à SaturneCatherine
Angeldark   17-11-2006 à 22:06:51
- 0 +

Heuuuuuu ..... et le fait que j'ai supprimé les 78 documents qui s'étaient mis ds la poubelle, c pas grave ?
-> Supprime les

Tu me parles du mode sans échec mais je ne vais pas encore savoir puisque ce n'est pas résolu, si ??
-> Fais le en mode normal ^^

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
SaturneCatherine   17-11-2006 à 22:22:08
- 0 +

Voilà les rapports :

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kav"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

Et celui HijackThis

Logfile of HijackThis v1.99.1
Scan saved at 22:21:25, on 17/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Catherine\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://coolbox.be/slk200
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [ywrnlu] c:\windows\system32\ywrnlu.exe ywrnlu
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: FortisCzPc - https://www.fortisbanking.be/FortisCzPC.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://download.macromedia.com/pub [...] tor/sw.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: bw+0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {E87279DD-1BA8-4987-A066-01272D4CAA8D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

Répondre à SaturneCatherine
Angeldark   18-11-2006 à 12:20:14
- 0 +

Re,

- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :

O4 - HKCU\..\Run: [ywrnlu] c:\windows\system32\ywrnlu.exe ywrnlu
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

Clique sur Fix checked (en bas à gauche)

D'autres problèmes ?

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > C:\windows\system32\ywrnlu.exe RAPPORT HIJACKTHIS, Mode ss échec impos
Aller à :

Il y a 1595 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,859 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens