Virus on Google links / HijackThis


Hello

The great classic: Google links being hijacked

Not dramatic, but annoying

I tried several anti-spyware tools (Ad-Aware, Spybot, etc.) but came up empty

Here is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 00:14:05, on 16/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
D:\Program Files\Norton 03\IS\NISUM.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Media\Winamp\Winampa.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
D:\Program Files\Utilit\Spywares\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
D:\Program Files\Media\Itunes\iTunesHelper.exe
D:\Program Files\Utilit\Spywares\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Internet\Yahoo Messenger\YahooMessenger.exe
D:\Program Files\Internet\RSS\RssReader\RssReader.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\Utilit\Spywares\Ad-Aware\Ad-Watch.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
D:\Program Files\Norton 03\IS\ccPxySvc.exe
D:\Program Files\Utilit\Spywares\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Norton 03\AV\navapsvc.exe
D:\PROGRA~2\NORTON~1\NSW\NORTON~1\NPROTECT.EXE
C:\Program Files\adslTV\adslTV.exe
D:\Program Files\Utilit\Acrobat 6.0\Distillr\acrotray.exe
D:\Program Files\Utilit\HP\Digital Imaging\bin\hpqtra08.exe
D:\PROGRA~2\NORTON~1\NSW\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Utilit\Drivers\Souris\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
D:\Program Files\Utilit\EarthView3\EarthView.exe
D:\Program Files\Utilit\Spywares\Spy Sweeper\SpySweeper.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\windowsautomaticupdates.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Utilit\Spywares\Spy Sweeper\SSU.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Media\Winamp\winamp.exe
D:\Program Files\Internet\Share\eMule 0.47c MorphXT v9.0 - [Par Ratiatum.com]\eMule.exe
D:\Program Files\Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\DVD\Nero 7\Nero 7\Nero 7\Core\nero.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\Program Files\DVD\DVD Shrink 3.2 fr\DVD Shrink 3.2.exe
C:\WINDOWS\system32\WISPTIS.EXE
D:\Program Files\Utilit\Spywares\Hijackthis\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Utilit\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13C66789-7051-43B8-BB50-F3D62CE322D9} - (no file)
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - D:\Program Files\Internet\NetXfer\NXIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Utilit\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton 03\AV\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Utilit\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Translator - {FF284F5C-7CF9-4682-8701-D467C1DBB99F} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\prmtie.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton 03\AV\NavShExt.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - D:\Program Files\Internet\NetXfer\NXToolBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Media\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
O4 - HKLM\..\Run: [!ewido] "D:\Program Files\Utilit\Spywares\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\Media\Itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "D:\Program Files\Utilit\Spywares\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\Program Files\Internet\Yahoo Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [RssReader] "D:\Program Files\Internet\RSS\RssReader\RssReader.exe"
O4 - HKCU\..\Run: [Norton SystemWorks] "D:\Program Files\Norton 05\NSW\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [AWMON] "D:\Program Files\Utilit\Spywares\Ad-Aware\Ad-Watch.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O4 - Startup: adsl TV.LNK = C:\Program Files\adslTV\adslTV.exe
O4 - Startup: EarthView.lnk = D:\Program Files\Utilit\EarthView3\EarthView.exe
O4 - Global Startup: adsl TV.lnk = C:\Program Files\adslTV\adslTV.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = D:\Program Files\Utilit\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: AxelTime.lnk = D:\Program Files\Utilit\Horloge\AxelTime.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\Utilit\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~2\OFFICE~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir le fichier PDF dans Word - res://D:\Program Files\Utilit\OCR\Omnipage14\PdfCnv\IEShellExt.dll /300
O8 - Extra context menu item: Tout télécharger avec NetXfer - D:\Program Files\Internet\NetXfer\NXAddList.html
O8 - Extra context menu item: Télécharger avec &BitSpirit - D:\Program Files\Internet\Share\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec NetXfer - D:\Program Files\Internet\NetXfer\NXAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\Internet\WinHTTrack (Aspi)\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\Internet\WinHTTrack (Aspi)\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\prmtie5.htm
O9 - Extra 'Tools' menuitem: Translate - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\prmtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\options.htm
O9 - Extra 'Tools' menuitem: Customize translation options - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\options.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Internet\Yahoo Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Internet\Yahoo Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.f [...] r_cert.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/p [...] nicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/ac [...] 0-3-17.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 0445808046
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {983AB2CC-3D50-11D9-ADFE-00062919A34C} (ActiveXUpload.UserCtrl) - http://www.photoservice.com/activeX/newUpload.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D19B338-834C-48F7-B808-80080253E105}: NameServer = 85.255.115.100,85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\..\{833C276F-2C67-4BB4-9949-86D231AC88B1}: NameServer = 85.255.115.100,85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\..\{F28A4CC0-1317-42E0-84A4-8AB08BE876C6}: NameServer = 85.255.115.100,85.255.112.100
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.100 85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.100 85.255.112.100
O18 - Protocol: bw+0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - D:\Program Files\Norton 03\IS\ccPxySvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\Utilit\Spywares\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton 03\AV\navapsvc.exe
O23 - Service: Norton Internet Security Professional Accounts Manager (NISUM) - Symantec Corporation - D:\Program Files\Norton 03\IS\NISUM.EXE
O23 - Service: Nodezilla Network Agent (Nodezilla) - Unknown owner - D:\Téléchargés\Internet\Share\Nodezilla\nodezilla.exe (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\PROGRA~2\NORTON~1\NSW\NORTON~1\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - D:\PROGRA~2\NORTON~1\NSW\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Program Files\Utilit\Spywares\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe



What should I do now?

Thanks!

Olivier
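
Added example, not part of the original post: the O17 lines of a HijackThis log list the DNS servers stored in the registry, and a resolver the user did not configure can redirect any hostname, which is consistent with the hijacked search links reported here. The sketch below parses O17 `NameServer` entries and reports those that differ from an expected resolver list; the function names, the expected resolver `192.168.1.1` and the last sample line are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# O17 - HKLM\System\<control set>\Services\Tcpip\<scope>: <value> = <data>
# <scope> is either "..\{interface GUID}" or the global "Parameters" key.
O17_RE = re.compile(
    r"^O17 - HKLM\\System\\(?P<cset>[^\\]+)\\Services\\Tcpip\\"
    r"(?P<scope>\.\.\\\{[0-9A-Fa-f-]+\}|Parameters): "
    r"(?P<value>\w+) = (?P<data>.*)$"
)

# The 85.255.* lines are copied from the log on this page.
# The last line (GUID and address) is constructed for the example.
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D19B338-834C-48F7-B808-80080253E105}: NameServer = 85.255.115.100,85.255.112.100
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.100 85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.100 85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\..\{11111111-2222-3333-4444-555555555555}: NameServer = 192.168.1.1
"""

# Assumption: the resolvers this machine is supposed to use (router or ISP).
EXPECTED_RESOLVERS = ["192.168.1.1"]


def parse_o17(log_text):
    """Return one dict per O17 NameServer line: control set, scope, servers."""
    entries = []
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m or m["value"].lower() != "nameserver":
            continue
        # HijackThis prints the raw registry string, so the list may be
        # comma-separated or space-separated; both forms occur in this log.
        servers = [s for s in re.split(r"[,\s]+", m["data"].strip()) if s]
        entries.append({
            "control_set": m["cset"],
            "scope": m["scope"].lstrip(".\\"),
            "servers": servers,
        })
    return entries


def review_dns(entries, expected):
    """Return the entries that contain a resolver outside the expected list."""
    expected_ips = {ipaddress.ip_address(e) for e in expected}
    findings = []
    for entry in entries:
        unexpected = []
        for server in entry["servers"]:
            try:
                ip = ipaddress.ip_address(server)
            except ValueError:
                unexpected.append(server)  # not an IP address: review by hand
                continue
            if ip not in expected_ips:
                unexpected.append(str(ip))
        if unexpected:
            findings.append({**entry, "unexpected": unexpected})
    return findings


def spread(findings):
    """Group findings by resolver set to show how many keys carry each set."""
    by_set = defaultdict(set)
    for f in findings:
        key = tuple(sorted(f["unexpected"]))
        by_set[key].add((f["control_set"], f["scope"]))
    return {k: sorted(v) for k, v in by_set.items()}


if __name__ == "__main__":
    found = review_dns(parse_o17(SAMPLE_LOG), EXPECTED_RESOLVERS)
    for resolvers, places in spread(found).items():
        print("unexpected resolvers:", ", ".join(resolvers))
        for control_set, scope in places:
            print("   ", control_set, scope)
```

The same resolver pair appearing on every interface key and in the global `Parameters` key points to a bulk change rather than a per-connection setting, so each of those keys has to be checked again after cleanup.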


Hi ...

Download FixWareout to your desktop.

Run the fix: click Next, then Install, then make sure "Run fixit" is checked, then click Finish.
The fix will start; follow the on-screen messages. You will be asked to restart your computer; do so. Your system will take a little longer to boot, which is normal.

Once your system has restarted, follow the prompts.
When the fix finishes, you may need to restart the PC once more.

Finally, post the contents of C:\fixwareout\report.txt

Reply to Mykerinos

Thanks!

Fixwareout Last edited 2/11/2007
Post this report in the forums please
...
»»»»»Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdfsf.exe"

»»»»» System restarted

»»»»» Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
»»»»» Misc files.
....
»»»»» Checking for older varients.
....

Search five digit cs, dm, kd, jb, other, files.
The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection.



Click browse, find the file then click submit.
http://www.virustotal.com/flash/index_en.html
Or http://virusscan.jotti.org/

»»»»» Other
C:\WINDOWS\Temp\kdfsf.ren 63331 19/08/2004



»»»»» Current runs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"WinampAgent"="\"D:\\Program Files\\Media\\Winamp\\Winampa.exe\""
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"ccRegVfy"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccRegVfy.exe\""
"Symantec NetDriver Monitor"="\"C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe\" /Consumer"
"!ewido"="\"D:\\Program Files\\Utilit\\Spywares\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"D:\\Program Files\\Media\\Itunes\\iTunesHelper.exe\""
"SpySweeper"="\"D:\\Program Files\\Utilit\\Spywares\\Spy Sweeper\\SpySweeperUI.exe\" /startintray"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Yahoo! Pager"="\"D:\\Program Files\\Internet\\Yahoo Messenger\\YahooMessenger.exe\" -quiet"
"RssReader"="\"D:\\Program Files\\Internet\\RSS\\RssReader\\RssReader.exe\""
"Norton SystemWorks"="\"D:\\Program Files\\Norton 05\\NSW\\cfgwiz.exe\" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"LDM"="\\Program\\"
"AWMON"="\"D:\\Program Files\\Utilit\\Spywares\\Ad-Aware\\Ad-Watch.exe\""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"swg"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.0.720.3640\\GoogleToolbarNotifier.exe\""
"srvreg"="C:\\WINDOWS\\system32\\srvreg.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it
»»»»» End report »»»»»

Reply to olivier92

Re ...

You won't have Internet access during part of the procedure. Save this page so you can read it offline: File > Save As ...
Under "Type", choose "Web Page, complete" and give it a name.

Disable SpySweeper, it may block the changes made by HijackThis ...

Launch Ewido and update it.
Once the update has finished, close it. Don't run it yet.

Download and install CCleaner Basic.


Restart your computer in Safe Mode by following this procedure:

  • Restart your computer.
  • After you hear the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
  • Instead of the normal Windows startup, a menu with various options should appear.
  • Choose the first option to run Windows in Safe Mode, then press "[Enter]".
  • Choose your account.
  • Another way, in pictures.


Open HijackThis, click "Do a system scan only" and tick the following lines:

O2 - BHO: (no name) - {13C66789-7051-43B8-BB50-F3D62CE322D9} - (no file)
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D19B338-834C-48F7-B808-80080253E105}: NameServer = 85.255.115.100,85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\..\{833C276F-2C67-4BB4-9949-86D231AC88B1}: NameServer = 85.255.115.100,85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\..\{F28A4CC0-1317-42E0-84A4-8AB08BE876C6}: NameServer = 85.255.115.100,85.255.112.100
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.100 85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.100 85.255.112.100


Close all windows and quit all running applications, then click "Fix checked"

Show all files:

  • Open My Computer > Tools > Folder Options > View.
  • Tick the "Show hidden files and folders" box.
  • Untick the "Hide extensions for known file types" box.


Delete the following files/folders (in bold) using Windows Explorer (if present):

C:\WINDOWS\system32\srvreg.exe <- the file
C:\WINDOWS\system32\kdfsf.exe <- the file

Run CCleaner and do the cleanup as shown in the tutorial ...

Relaunch Ewido

  • Click "Scan" in the toolbar, then "Settings".
  • Under the question "How to react?", click "Recommended actions" and choose "Quarantine".
  • Click "Scan" again, then "Complete system scan". The scan can take a while, be patient.
  • AVG will display a list of the detected files, on the left.
  • If an infected file is detected at the end of the scan, click the "Apply all actions" button.
  • AVG will display "All actions have been applied", on the right.
  • Click "Save report", then "Save report as". This generates a report as a text file.
  • Save this report in a safe place (on your Desktop, for example).


Restart in normal mode.

Re-enable SpySweeper.

Post a reply in this same thread.

In that reply, I would like:

  • a new HijackThis report.
  • the Ewido report.


Message edited by Mykerinos on 17-02-2007 at 01:17:35
Reply to Mykerinos

Hello,

I did everything :o)

here is the HJT log

Logfile of HijackThis v1.99.1
Scan saved at 22:43:03, on 19/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
D:\Program Files\Norton 03\IS\NISUM.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Media\Winamp\Winampa.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\Ati2evxx.exe
D:\Program Files\Utilit\Spywares\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\Norton 03\IS\ccPxySvc.exe
D:\Program Files\Utilit\Spywares\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\QuickTime\qttask.exe
D:\Program Files\Media\Itunes\iTunesHelper.exe
D:\Program Files\Norton 03\AV\navapsvc.exe
D:\Program Files\Utilit\Spywares\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Internet\Yahoo Messenger\YahooMessenger.exe
D:\Program Files\Internet\RSS\RssReader\RssReader.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Utilit\Spywares\Ad-Aware\Ad-Watch.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
D:\PROGRA~2\NORTON~1\NSW\NORTON~1\NPROTECT.EXE
C:\Program Files\adslTV\adslTV.exe
D:\Program Files\Utilit\Acrobat 6.0\Distillr\acrotray.exe
D:\PROGRA~2\NORTON~1\NSW\NORTON~1\SPEEDD~1\NOPDB.EXE
D:\Program Files\Utilit\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Utilit\Drivers\Souris\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\Program Files\Utilit\EarthView3\EarthView.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
D:\Program Files\Utilit\Spywares\Spy Sweeper\SpySweeper.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\windowsautomaticupdates.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Utilit\Spywares\Spy Sweeper\SSU.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Media\Winamp\winamp.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
D:\Program Files\Utilit\Spywares\Hijackthis\VERSION TRADUITE ORIGINALE.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Utilit\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - D:\Program Files\Internet\NetXfer\NXIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Utilit\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton 03\AV\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Utilit\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Translator - {FF284F5C-7CF9-4682-8701-D467C1DBB99F} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\prmtie.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton 03\AV\NavShExt.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - D:\Program Files\Internet\NetXfer\NXToolBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Media\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
O4 - HKLM\..\Run: [!ewido] "D:\Program Files\Utilit\Spywares\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\Media\Itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "D:\Program Files\Utilit\Spywares\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\Program Files\Internet\Yahoo Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [RssReader] "D:\Program Files\Internet\RSS\RssReader\RssReader.exe"
O4 - HKCU\..\Run: [Norton SystemWorks] "D:\Program Files\Norton 05\NSW\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [AWMON] "D:\Program Files\Utilit\Spywares\Ad-Aware\Ad-Watch.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe"
O4 - Startup: adsl TV.LNK = C:\Program Files\adslTV\adslTV.exe
O4 - Startup: EarthView.lnk = D:\Program Files\Utilit\EarthView3\EarthView.exe
O4 - Global Startup: adsl TV.lnk = C:\Program Files\adslTV\adslTV.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = D:\Program Files\Utilit\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: AxelTime.lnk = D:\Program Files\Utilit\Horloge\AxelTime.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\Utilit\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~2\OFFICE~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir le fichier PDF dans Word - res://D:\Program Files\Utilit\OCR\Omnipage14\PdfCnv\IEShellExt.dll /300
O8 - Extra context menu item: Tout télécharger avec NetXfer - D:\Program Files\Internet\NetXfer\NXAddList.html
O8 - Extra context menu item: Télécharger avec &BitSpirit - D:\Program Files\Internet\Share\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec NetXfer - D:\Program Files\Internet\NetXfer\NXAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\Internet\WinHTTrack (Aspi)\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\Internet\WinHTTrack (Aspi)\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\prmtie5.htm
O9 - Extra 'Tools' menuitem: Translate - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\prmtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\options.htm
O9 - Extra 'Tools' menuitem: Customize translation options - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - D:\Program Files\Utilit\Traduction\@Promt\6\PRMTIE\options.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Internet\Yahoo Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Internet\Yahoo Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.f [...] r_cert.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/p [...] nicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/ac [...] 0-3-17.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 0445808046
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {983AB2CC-3D50-11D9-ADFE-00062919A34C} (ActiveXUpload.UserCtrl) - http://www.photoservice.com/activeX/newUpload.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O18 - Protocol: bw+0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {356B1BDA-17F1-45B8-B897-27554063369E} - D:\Program Files\Utilit\Drivers\Souris\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - D:\Program Files\Norton 03\IS\ccPxySvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\Utilit\Spywares\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton 03\AV\navapsvc.exe
O23 - Service: Norton Internet Security Professional Accounts Manager (NISUM) - Symantec Corporation - D:\Program Files\Norton 03\IS\NISUM.EXE
O23 - Service: Nodezilla Network Agent (Nodezilla) - Unknown owner - D:\Téléchargés\Internet\Share\Nodezilla\nodezilla.exe (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\PROGRA~2\NORTON~1\NSW\NORTON~1\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - D:\PROGRA~2\NORTON~1\NSW\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Program Files\Utilit\Spywares\Spy Sweeper\SpySweeper.exe
O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe

Thanks again!

Reply to olivier92
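Added example, not part of the original thread: a small Python check that re-reads a HijackThis log for the kinds of entries the helper asked to fix (O17 `NameServer` overrides, an O2 BHO with `(no file)`, and O4 Run entries for named files) and confirms they are absent from the follow-up log. The function names, the `trusted_resolvers` and `named_files` parameters and the `192.0.2.53` resolver are assumptions for illustration; the sample log lines are copied from the logs above.

```python
import re
from ipaddress import ip_address

# Sample input built from this thread: the lines the helper asked to fix,
# plus one harmless Run entry, then a few lines from the follow-up log.
BEFORE_LOG = r"""
O2 - BHO: (no name) - {13C66789-7051-43B8-BB50-F3D62CE322D9} - (no file)
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D19B338-834C-48F7-B808-80080253E105}: NameServer = 85.255.115.100,85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.100 85.255.112.100
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
"""

AFTER_LOG = r"""
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton 03\AV\NavShExt.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
"""

# Assumption: the resolvers this machine is supposed to use (placeholder value).
TRUSTED_RESOLVERS = {"192.0.2.53"}
# File names the helper singled out for deletion in this thread.
NAMED_FILES = {"srvreg.exe", "kdfsf.exe"}

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
NAMESERVER_RE = re.compile(r": NameServer = (.+)$")
EXE_RE = re.compile(r'([^\\"\s]+\.exe)', re.IGNORECASE)


def parse_entries(log_text):
    """Return (code, body) pairs for lines such as 'O17 - ...' or 'R0 - ...'."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def nameservers(body):
    """Extract the IPs of an O17 NameServer value.

    HijackThis prints the raw registry value, so the list may be separated
    by commas (per-interface keys) or by spaces (Tcpip\\Parameters).
    """
    match = NAMESERVER_RE.search(body)
    if not match:
        return []
    ips = []
    for token in re.split(r"[,\s]+", match.group(1).strip()):
        try:
            ips.append(str(ip_address(token)))
        except ValueError:
            continue  # not an IP address, ignore the token
    return ips


def review(log_text, trusted_resolvers, named_files):
    """Return (code, reason, body) for every entry worth a second look."""
    wanted = {name.lower() for name in named_files}
    findings = []
    for code, body in parse_entries(log_text):
        if code == "O17":
            rogue = [ip for ip in nameservers(body) if ip not in trusted_resolvers]
            if rogue:
                reason = "DNS server not in trusted list: " + ", ".join(rogue)
                findings.append((code, reason, body))
        elif code == "O2" and body.endswith("(no file)"):
            findings.append((code, "BHO registered with no file on disk", body))
        elif code == "O4":
            hits = [exe for exe in EXE_RE.findall(body) if exe.lower() in wanted]
            if hits:
                findings.append((code, "autorun of named file: " + hits[0], body))
    return findings


def still_flagged(before_text, after_text, trusted_resolvers, named_files):
    """Findings from the first log whose exact entry survives in the second."""
    remaining = set(parse_entries(after_text))
    return [f for f in review(before_text, trusted_resolvers, named_files)
            if (f[0], f[2]) in remaining]


if __name__ == "__main__":
    for code, reason, body in review(BEFORE_LOG, TRUSTED_RESOLVERS, NAMED_FILES):
        print(f"{code}: {reason}\n    {body}")
    left = still_flagged(BEFORE_LOG, AFTER_LOG, TRUSTED_RESOLVERS, NAMED_FILES)
    print("entries still present after the fix:", len(left))
```
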

Is the problem still present?

Post the Ewido report ...

------------------------------ If you don't know, ask. If you know, share.
READ THIS!
Reply to Mykerinos

The Google problem seems to be gone

on the other hand, my PC is often slow, and even tends to freeze... :o(

Thanks in advance

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 00:21:28 21/02/2007

+ Scan result:



E:\MP3\Téléchargés\Mule 4\Patch Ewido Anti-Spyware 4.0.0.172 plus to skip registration by Rocco[ITA].rar/Patch Ewido Anti-Spyware 4.0.0.172 plus to skip registration by Rocco[ITA]\Patch.exe -> Not-A-Virus.Hacktool.Crack : No action taken.
E:\Logiciels\Téléchargés\DVD\DVD2DVDR\Cinema Craft Encoder CCE SP 2.70.02.00 & Patcher\Patch.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.
E:\Logiciels\Téléchargés\DVD\Nero\Crack archives\Nero_Burning_ROM_and_WaveEditor_v6[1].0.0.9_MP4_AAC_Encoder.zip/Crack.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.
E:\Logiciels\Téléchargés\Internet\oxilog_video_library_1.2.1+crack\oxilog_video_library_1.2.1+crack\crack oxylog video library1.2.1.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.
E:\Logiciels\Téléchargés\Utilit\Symbol Commander\Symbol Commander Installé\Crack Symbol Commander pro 3.12.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.
E:\Logiciels\Téléchargés\Utilit\Symbol Commander\Symbol Commander Installé\Symbol Commander pro 3.12 Silver.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.
E:\Logiciels\Téléchargés\Utilit\Symbol Commander\Symbol Commander Installé\crack_sensiva.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.
E:\Logiciels\Téléchargés\DVD\Dvd x copy platinum\Archive gold\321_studios_dvd_x_copy_gold_v3\Dvd xcopy archive\DVDXCopy_Xpress_v2[1].5.0_Retail.zip/Atlantis v1.5 Loader.exe -> Not-A-Virus.VirTool.Win32.Patcher.a : No action taken.
:mozilla.250:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.399:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.280:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Administrateur\Cookies\administrateur@com[1].txt -> TrackingCookie.Com : No action taken.
:mozilla.258:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.259:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.260:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.195:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Hotlog : No action taken.
:mozilla.401:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.402:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.403:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.404:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.405:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.44:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.45:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.236:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.237:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.238:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.371:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.372:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.165:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Trafic : No action taken.
:mozilla.194:E:\Logiciels\Téléchargés\Internet\Firefox Extensions\profile{default}.fbu/cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.34:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jaotjaqg.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.36:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jaotjaqg.default\cookies.txt -> TrackingCookie.Weborama : No action taken.


::Report end

Reply to olivier92