Win32:Obfuscated
Forum Hardware : Win32:Obfuscated
Good evening, I have a virus and I would like to remove it, thank you very much. The virus is called Win32:Obfuscated.
I downloaded several programs to get the reports; here they are, thanks.
Logfile of HijackThis v1.99.1
Scan saved at 00:40:27, on 23/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Pinnacle\PCTV Stereo\Remote\Remoterm.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\MAG & MIKA\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PCTVRemote] C:\Program Files\Pinnacle\PCTV Stereo\Remote\Remoterm.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [partwait] C:\DOCUME~1\MAG&MI~1\APPLIC~1\4FLAG~1\data vga curb.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Pinnacle Scheduler.lnk = ?
O4 - Global Startup: Wireless 802.11g USB Adapter.lnk = C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawfl [...] awflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: bw+0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {C99625D3-D79B-4E94-9AEC-9B6936689E78} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
And for the 2nd one:
Rapport lopxpMH2 version 2.0 fait à 0:43:23,57 le 23/09/2007
******************************************
## Répertoires Application Data
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Documents and Settings\All Users\Application Data
07/12/2005 07:02 <REP> .
07/12/2005 07:02 <REP> ..
07/12/2005 07:02 <REP> Adobe
11/08/2007 15:19 <REP> CanonBJ
23/08/2007 22:41 <REP> CyberLink
11/08/2007 16:27 <REP> Downloaded Installations
11/08/2007 15:50 <REP> eConsole
11/08/2007 15:03 <REP> film start link joy
11/08/2007 14:25 <REP> Google
11/08/2007 17:48 <REP> Installations
11/08/2007 15:22 <REP> InstallShield
11/08/2007 15:03 <REP> Joy coal mpeg heck
11/08/2007 15:06 <REP> Messenger Plus!
07/12/2005 06:43 <REP> Microsoft
14/09/2007 13:38 <REP> Nokia
11/08/2007 18:12 <REP> PC Suite
11/08/2007 15:36 <REP> Pinnacle
11/08/2007 15:22 <REP> ScanSoft
12/12/2005 05:04 <REP> Symantec
11/08/2007 14:40 <REP> Windows Genuine Advantage
07/12/2005 07:37 62 desktop.ini
1 fichier(s) 62 octets
20 Rép(s) 46 276 255 744 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Documents and Settings\Default User\Application Data
07/12/2005 07:37 <REP> .
07/12/2005 07:37 <REP> ..
11/08/2007 14:59 <REP> Identities
07/12/2005 06:43 <REP> Microsoft
11/08/2007 14:59 <REP> Symantec
07/12/2005 07:37 62 desktop.ini
1 fichier(s) 62 octets
5 Rép(s) 46 276 255 744 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data
07/12/2005 06:43 <REP> .
07/12/2005 06:43 <REP> ..
11/08/2007 14:59 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150050}
11/08/2007 14:59 <REP> ApplicationHistory
07/12/2005 06:43 <REP> Microsoft
11/08/2007 14:59 135 fusioncache.dat
1 fichier(s) 135 octets
5 Rép(s) 46 276 243 456 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Documents and Settings\LocalService\Application Data
07/12/2005 06:46 <REP> .
07/12/2005 06:46 <REP> ..
07/12/2005 06:46 <REP> Microsoft
11/08/2007 16:47 <REP> Symantec
0 fichier(s) 0 octets
4 Rép(s) 46 276 243 456 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data
07/12/2005 06:46 <REP> .
07/12/2005 06:46 <REP> ..
07/12/2005 06:46 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 46 276 243 456 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Documents and Settings\MAG & MIKA\Application Data
11/08/2007 15:00 <REP> .
11/08/2007 15:00 <REP> ..
11/08/2007 15:03 <REP> 4 flag
11/08/2007 16:26 <REP> Adobe
11/08/2007 16:26 <REP> AdobeUM
11/08/2007 15:16 <REP> ArcSoft
11/08/2007 14:13 <REP> ATI
22/09/2007 09:15 <REP> Canon
23/08/2007 22:41 <REP> CyberLink
19/08/2007 15:58 <REP> DivX
11/08/2007 14:35 <REP> Google
11/08/2007 15:00 <REP> Identities
14/08/2007 13:46 <REP> IDS_COMPANY
23/08/2007 12:11 <REP> Logitech
11/08/2007 16:23 <REP> Macromedia
11/08/2007 15:00 <REP> Microsoft
11/08/2007 16:11 <REP> MSNInstaller
11/08/2007 17:52 <REP> Nokia
11/08/2007 16:29 <REP> Nokia Multimedia Player
11/08/2007 17:51 <REP> PC Suite
11/08/2007 15:22 <REP> ScanSoft
25/08/2007 18:02 <REP> Sun
11/08/2007 15:00 <REP> Symantec
11/08/2007 15:30 <REP> vlc
11/08/2007 15:00 62 desktop.ini
1 fichier(s) 62 octets
24 Rép(s) 46 276 239 360 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Documents and Settings\MAG & MIKA\Local Settings\Application Data
11/08/2007 15:00 <REP> .
11/08/2007 15:00 <REP> ..
11/08/2007 15:00 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150050}
11/08/2007 20:33 <REP> Adobe
11/08/2007 15:00 <REP> ApplicationHistory
11/08/2007 14:13 <REP> ATI
11/08/2007 14:35 <REP> Google
27/08/2007 15:09 <REP> Identities
11/08/2007 15:00 <REP> Microsoft
20/08/2007 20:54 <REP> WMTools Downloaded Files
11/08/2007 16:21 56 320 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
11/08/2007 15:00 133 fusioncache.dat
11/08/2007 14:13 66 696 GDIPFONTCACHEV1.DAT
12/08/2007 12:22 4 291 704 IconCache.db
4 fichier(s) 4 414 853 octets
10 Rép(s) 46 276 239 360 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Documents and Settings\NetworkService\Application Data
07/12/2005 06:46 <REP> .
07/12/2005 06:46 <REP> ..
07/12/2005 06:46 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 46 276 239 360 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data
07/12/2005 06:46 <REP> .
07/12/2005 06:46 <REP> ..
07/12/2005 06:46 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 46 276 239 360 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data
07/12/2005 07:37 <REP> .
07/12/2005 07:37 <REP> ..
11/08/2007 14:59 <REP> Identities
07/12/2005 07:37 <REP> Microsoft
11/08/2007 14:59 <REP> Symantec
07/12/2005 07:37 62 desktop.ini
1 fichier(s) 62 octets
5 Rép(s) 46 276 239 360 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
07/12/2005 07:37 <REP> .
07/12/2005 07:37 <REP> ..
11/08/2007 14:59 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150050}
11/08/2007 14:59 <REP> ApplicationHistory
07/12/2005 06:43 <REP> Microsoft
11/08/2007 14:59 135 fusioncache.dat
11/08/2007 14:59 1 417 462 IconCache.db
2 fichier(s) 1 417 597 octets
5 Rép(s) 46 276 239 360 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
C:\WINDOWS\Tasks\AA6B59F1918CCA0D.job
3˜–Aø¦IŒŸè™~ª!äF à <
s "ˆ!× 7 c : \ d o c u m e ~ 1 \ m a g & m i ~ 1 \ a p p l i c ~ 1 \ 4 f l a g ~ 1 \ e g g s b l a h b i a s . e x e M A G & M I K A € 0 Ë
******************************************
## Répertoires de C:\Program Files
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 4820-7A50
Répertoire de C:\Program Files
23/09/2007 00:03 <REP> .
23/09/2007 00:03 <REP> ..
11/08/2007 14:01 <REP> Acer
11/08/2007 16:26 <REP> Adobe
11/08/2007 18:28 <REP> Adverts
11/08/2007 17:48 <REP> Alwil Software
11/08/2007 15:21 <REP> ArcSoft
11/08/2007 14:10 <REP> ATI Technologies
11/08/2007 22:50 <REP> AvRack
11/08/2007 15:24 <REP> Canon
11/08/2007 15:31 <REP> CCleaner
07/12/2005 06:41 <REP> ComPlus Applications
07/12/2005 07:08 <REP> CyberLink
11/08/2007 17:51 <REP> DIFX
19/08/2007 13:57 <REP> DivX
19/08/2007 13:47 <REP> DivXCodec
22/09/2007 22:03 <REP> eMule
23/08/2007 12:07 <REP> Fichiers communs
22/09/2007 13:59 <REP> Google
11/08/2007 15:14 <REP> Hercules
18/08/2007 03:07 <REP> Internet Explorer
11/08/2007 14:25 <REP> Java
23/08/2007 12:08 <REP> Logitech
07/12/2005 06:47 <REP> Messenger
11/08/2007 15:03 <REP> Messenger Plus! Live
11/08/2007 22:50 <REP> microsoft frontpage
13/08/2007 01:02 <REP> Microsoft Office
13/08/2007 01:01 <REP> Microsoft.NET
11/08/2007 21:23 <REP> Movie Maker
11/08/2007 16:11 <REP> MSN
11/08/2007 22:50 <REP> MSN Gaming Zone
28/08/2007 19:07 <REP> MSN Messenger
12/08/2007 09:45 <REP> MSXML 4.0
11/08/2007 22:50 <REP> NetMeeting
11/08/2007 14:01 <REP> NewTech Infosystems
19/08/2007 13:44 <REP> NimoCodec Pack
15/09/2007 11:06 <REP> Nokia
11/08/2007 22:50 <REP> Online Services
11/08/2007 21:23 <REP> Outlook Express
11/08/2007 17:50 <REP> PC Connectivity Solution
11/08/2007 15:37 <REP> Pinnacle
11/08/2007 22:50 <REP> Realtek AC97
07/12/2005 06:54 <REP> Realtek Sound Manager
11/08/2007 15:22 <REP> ScanSoft
11/08/2007 22:50 <REP> Services en ligne
11/08/2007 18:11 <REP> Symantec
19/08/2007 14:01 <REP> VideoLAN
11/08/2007 15:03 <REP> Windows Live
11/08/2007 22:00 <REP> Windows Media Connect 2
11/08/2007 14:55 <REP> Windows Media Player
11/08/2007 22:50 <REP> Windows NT
11/08/2007 15:27 <REP> WinRAR
11/08/2007 22:50 <REP> Wireless 802.11g USB Adapter
11/08/2007 22:50 <REP> xerox
0 fichier(s) 0 octets
54 Rép(s) 46 276 222 976 octets libres
******************************************
## Popups autorisées
* Internet Explorer
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
netbios-wait.com REG_SZ
www.netbios-wait.com REG_SZ
mysearchnow.com REG_SZ
www.mysearchnow.com REG_SZ
* Mozilla Firefox (1 autorisé 2 interdit)
******************************************
## Registre
* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ http://www.google.com/ie
* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
PCSuiteTrayApplication REG_SZ C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
partwait REG_SZ C:\DOCUME~1\MAG&MI~1\APPLIC~1\4FLAG~1\data vga curb.exe
******************************************
## Zones de sécurité
* HKCU Domains (4)
* P3P History (5)
******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"
*************** Fin du rapport ****************
Thanks, it would be nice of you to help me.
Go to the right section.
So, in security/virus.
