Pub automatique avec wlm [Résolu]

dam2205

18 Décembre 2007 18:22:10

Bonsoir ,
Voici mon problème : à chaque fois que je me connecte à Windows live messenger mes contacts reçoivent ceci comme message : Pub auto : --édité par Angeldark-- ! Tchat gratuit.
Comment faire pour ne plus envoyer ce genre de message à mes contacts ? :??:

merci pour toute réponse

Autres pages sur : pub automatique wlm resolu

| Etre averti des réponses
| Alerter

Répondre à dam2205

Angeldark

18 Décembre 2007 18:24:09

Bonjour,

Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

| Alerter

Répondre à Angeldark

dam2205

18 Décembre 2007 19:45:53

Voici le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:02, on 18/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} (Java Plug-in 1.5.0_08) -
O18 - Protocol: bw+0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - c:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

--
End of file - 20080 bytes
C'est bon ?

| Alerter

Répondre à dam2205

Angeldark

18 Décembre 2007 19:53:55

Re,

Télécharge MSNFix.zip ([#ff0000]!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).

Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.

[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]

Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log

| Alerter

Répondre à Angeldark

dam2205

18 Décembre 2007 20:27:22

Voici le rapport d'msn fix :
MSNFix 1.605

C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\MSNFix
Fix exécuté le 18/12/2007 - 21:29:34,89 By charles
mode normal

************************ Recherche les fichiers présents

Aucun Fichier trouvé

************************ Recherche les dossiers présents

... C:\Temp\

************************ Suppression des fichiers

************************ Suppression des dossiers

.. OK ... C:\Temp\

************************ Nettoyage du registre

************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\OneCareSupportData.zip] 4F1F9DF0CE0EB5DBD2A46D38FA226F13

==> SVP merci d'envoyer le fichier C:\DOCUME~1\CHARLE~1.CHA\Bureau\Upload_Me.zip sur http://upload.changelog.fr

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 18122007_21323806.zip

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

| Alerter

Répondre à dam2205

Angeldark

18 Décembre 2007 20:29:17

Re,

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

&

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

| Alerter

Répondre à Angeldark

dam2205

18 Décembre 2007 21:19:24

C'est bon , j'ai désinstaller avast et j'ai installé antivir

| Alerter

Répondre à dam2205

dam2205

18 Décembre 2007 22:33:32

Voilà le rapport d'Antivir :

AntiVir PersonalEdition Classic
Report file date: mardi 18 décembre 2007 22:26

Scanning for 980737 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: CHARLES-C9F5736

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 21:23:27
ANTIVIR2.VDF : 7.0.1.96 2048 Bytes 14/12/2007 21:23:27
ANTIVIR3.VDF : 7.0.1.118 110592 Bytes 18/12/2007 21:23:27
AVEWIN32.DLL : 7.6.0.45 3084800 Bytes 18/12/2007 21:23:29
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 18 décembre 2007 22:26

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'soundman.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
25 processes with 25 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '25' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\w810i\Flashing avec far et xs++.rar
[0] Archive type: RAR
--> Flashing avec far et xs ++\FarManager170\Plugins\SEFP\sefp0.10.0.51patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\w810i\Packw810(2).zip
[0] Archive type: ZIP
--> XS++ et FAR/FarManager170/Plugins/SEFP/sefp0.10.0.51patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\w810i\Packw810.zip
[0] Archive type: ZIP
--> XS++ et FAR/FarManager170/Plugins/SEFP/sefp0.10.0.51patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\w810i\Flashing avec far et xs ++\FarManager170\Plugins\SEFP\sefp0.10.0.51patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP432\A0591309.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d44ee.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP432\A0591315.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4527.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP432\A0591397.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4532.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0591421.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d453a.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0591434.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d453e.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0592434.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4543.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0593434.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4548.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP433\A0593449.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d454c.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP434\A0593468.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4553.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP434\A0594468.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4558.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP434\A0594495.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d455d.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP434\A0594511.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4564.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP435\A0594524.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d456b.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP435\A0595524.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] A backup was created as '479d4571.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP435\A0596524.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d4577.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0596816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d4585.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0597816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d458b.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0598816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d4591.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0599816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479d4594.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0600816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e4597.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP436\A0601816.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601830.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601880.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601921.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601934.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601950.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP437\A0601966.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0601981.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602107.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602209.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45c7.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602221.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45c9.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602243.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45cb.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602260.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45cf.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0602302.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45d3.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0603302.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45d5.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0603315.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45d8.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0603338.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45da.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP438\A0603356.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45dd.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP439\A0603378.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45e0.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP439\A0603396.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45e2.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP441\A0604396.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45e8.qua'!
C:\System Volume Information\_restore{0D07070D-BD59-4EDF-BF47-871C4B322391}\RP441\A0605396.dll
[DETECTION] Is the Trojan horse TR/Gorshok.A
[INFO] The file was moved to '479e45eb.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Disque local>

End of the scan: mardi 18 décembre 2007 23:38
Used time: 1:11:56 min

The scan has been done completely.

12725 Scanning directories
452992 Files were scanned
46 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
27 files were deleted
0 files were repaired
33 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
452946 Files not concerned
6562 Archives were scanned
3 Warnings
72 Notes

| Alerter

Répondre à dam2205

Angeldark

19 Décembre 2007 09:47:03

J'ai mis deux fois la même chose hier

[#ff0000]CECI EST UNE ETAPE IMPORTANTE A REALISER ![/#f]
Upload l'archive Upload_Me.zip contenant les fichiers suspects afin de développer l'outil MSNFix.
AIDE : Upload des fichiers supects pour MSNFix

Reposte un rapport Hijackthis.

| Alerter

Répondre à Angeldark

dam2205

19 Décembre 2007 12:25:10

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:31:55, on 19/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} (Java Plug-in 1.5.0_08) -
O18 - Protocol: bw+0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {DD0E8631-995F-4F03-910C-4CB6602AF863} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - c:\Program Files\Ares\chatServer.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

--
End of file - 19767 bytes

| Alerter

Répondre à dam2205

Angeldark

19 Décembre 2007 12:34:59

Re,

Fix la ligne dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - (no file)

| Alerter

Répondre à Angeldark

dam2205

19 Décembre 2007 12:49:48

C'est bon , C'est fait

| Alerter

Répondre à dam2205

Angeldark

19 Décembre 2007 13:00:56

Encore des soucis ?

| Alerter

Répondre à Angeldark

dam2205

19 Décembre 2007 13:06:09

J'vé me connecter pour voir et j'vous tiens au courant *

| Alerter

Répondre à dam2205

Angeldark

19 Décembre 2007 13:07:38

Ok

| Alerter

Répondre à Angeldark

dam2205

24 Décembre 2007 07:47:18

C'est bon c'est réglé !!! J'ai mis du temps à répondre ( désoler ) parce que quelque contact le recevait encore *
Merci pour tout *

| Alerter

Répondre à dam2205

Angeldark

24 Décembre 2007 11:07:36

Bonnes fêtes !

Télécharge ToolsCleaner sur ton Bureau.

Clique sur Recherche et laisse le scan se terminer.

Clique sur Suppression pour finaliser.

Clique sur Quitter, pour que le rapport puisse se créer.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

Désactive puis réactive la restauration du système : Voir aide

Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer"

* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"

Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :

| Alerter

Répondre à Angeldark

dam2205

26 Décembre 2007 17:00:26

Voila
-->- Recherche:

C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\MsnFix: trouvé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\Divers\HijackThis: trouvé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\Divers\hijackthis\HijackThis.exe: trouvé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Recent\MSNFix.lnk: trouvé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Recent\HijackThis.lnk: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\Divers\hijackthis\HijackThis.exe: supprimé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Recent\MSNFix.lnk: supprimé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Recent\HijackThis.lnk: supprimé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Bureau\MsnFix: supprimé !
C:\Documents and Settings\charles.CHARLES-C9F5736\Mes documents\Divers\HijackThis: supprimé !

| Alerter

Répondre à dam2205

Tom's guide dans le monde