Posez votre question Format imprimable Liste des forums Aidez-les Statistiques Rechercher Charte Forum Virus-Sécurité

Virus/Trojan introuvable...

Dernière réponse le 25 oct 2008 à 00:28:34 Scorpion571, le 24 oct 2008 à 06:38:20

Signaler ce message aux modérateurs

Bonjours !
Aujourd'hui j'ai été attaqué de touts les côtés par multiple virus, j'ai reussi par moi même à effacer la plupart des virus mais 1 petit malin semble toujours être présent sur mon ordinateur car mon ordi est plus lente que normal et quand je fait une recherche par google quand je click sur un lien, je suis redirigé sur d'autres sites qui ont aucun liens avec quoi que se soit et je suis incapable de me connecter sur les sites officiels d'anti-virus ou spyware populair (exemple a chaque fois que j'essais de me connecter au sites officiels de Avg, spybot s&d, symantec, hijackthis etc... je ressoie un message d'erreur). J'ai detruit la pluspart des fichier malveillant avec free Avg 8 et Ad-Aware. Jai scanner avec Spy Hunter et ils detectais des Zlob. Trojan que jai effacer manuelement car javais la version non enregistré. J'ai penser que peut être il avait encore un ''Zlob'' dans mon ordinateur alors jai eseiller plusieur solution manuel par les commande windows et rien na été detecté/marché. Alors la sa fait une journée complete que jessais plusieur logiciels de detection ou de solutions et jai toujours les problemes de redirections vers d'autres sites et cette lenteur torride...

J'ai quand meme reussi a downloader Hijackthis sur mon laptop et le tranferé sur mon ordinateur car j'était incapable de le downloader a partir de mon ordi infecter.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:58:18, on 2008-10-23
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Stardock\Object Desktop\ThemeManager\wbload.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SpyHunter Security Suite] "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O18 - Protocol: bw+0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: karna.dat
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
End of file - 18942 bytes

J'y comprend rien c'est la premieres fois que je met autent d'éffords pour contré un virus par moi même sens favorisé la formatation. Mais la je suis entrain de perde la bataille >:(

Merci d'avance, durant ce temps jai vais pleuré dans mon coin :'(

Configuration: Windows XP
Firefox 3.0.3

Meilleures réponses pour « Virus/Trojan introuvable... » dans :

Virus/ trojan msn messenger Voir

VIRUS TROJAN EMPECHANT L ACCES A INTERNET (Résolu) Voir

Supprimer le virus trojan dropper. Voir

Differences entre virus,trojan et vers Voir

Je suis infecté Trojan.Downloader.FakeAV.AH (Résolu) Voir

Virus Trojan generic detecté par BitDefender (Résolu) Voir

Posez votre question Répondre

Destrio5, le 24 oct 2008 à 06:43:12

Salut,

---> Télécharge SDFix (créé par AndyManchesta) sur ton Bureau :
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
- Double-clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
- Redémarre ton ordinateur en mode sans échec.

---> Pour redémarrer en mode sans échec :
- Redémarre ton PC.
- Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
- Dans le menu d'options avancées, choisis Mode sans échec.
- Choisis ton compte.

---> Déroule la liste des instructions ci-dessous :
- Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer le script.
- Appuie sur Y pour commencer le processus de nettoyage.
- Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
- Appuie sur une touche pour redémarrer le PC.
- Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
- Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
- Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
- Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
- Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.

Répondre à Destrio5

Scorpion571, le 24 oct 2008 à 20:15:53

ReBonjours :D

J'ai pas reussi a télécharger le logiciel que tu me proposais car mon acces étais bloqué par le virus mais, ce matin j'ai ouvert mon ordinateur en mode sans échec et j'ai rescanner avec Avg8 , Ad-Aware et Spyhunter. Mon avg a detecter quelques fichier et mon Ad-ware 10 autres qui semblais plus a des cookie mais bon... et Spyhunter a detecter 1 autre cookie que jai enlever par moi même. Et la, et bien je n'est plus le probleme de redirection vers d'autre sites, de lenteur, je peux maintenant consulter les sites d'anti-virus et de spywares sans aucune restriction. Maintenant je suis armé plus que j'amais contre les virus. J'ai fais un dernier scan avec toute pour être sur qui reste rien et tout semble beau... Je vois rien de suspect... Si t'a dequoi d'autre a me conseiller je vais tout prendre en notes.

Répondre à Scorpion571

Destrio5, le 24 oct 2008 à 20:21:23

- Télécharge et installe Malwarebytes' Anti-Malware :
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware

- Mets-le à jour.

- Redémarre en mode sans échec (Recommandé) :
http://www.sosordi.net/Faq/Faq.2.html

- Choisis ta session habituelle.

- Fais un scan complet avec Malwarebytes' Anti-Malware .

- Supprime tout ce que le logiciel trouve, enregistre le rapport.

- Redémarre en mode normal et poste le rapport ici.

Répondre à Destrio5

Scorpion571, le 24 oct 2008 à 21:11:48

Hey toi ! dsl :P

Mouais ! merci beacoup pour Malwarebytes il a detecter 22 fichiers infecter o_o...

Oh et voila...

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1316
Windows 5.1.2600 Service Pack 3

2008-10-24 15:01:15
mbam-log-2008-10-24 (15-01-15).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 86353
Temps écoulé: 13 minute(s), 3 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 19

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\antispywarexp2009 (Rogue.AntispywareXP) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Denis\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpywareXP2009.lnk (Rogue.Antispyware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSlxwp.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSS160a.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Denis\Local Settings\Temp\TDSSc7df.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Denis\Local Settings\Temp\TDSSc82d.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Denis\Local Settings\Temp\TDSSd299.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Denis\Local Settings\Temp\TDSSd2a8.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Denis\Local Settings\Temp\TDSSd548.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSbubv.log (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSfpmp.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSnmxh.log (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSoexh.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSoiqt.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSrhyp.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSsbhc.log (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSStkdv.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSvvbj.log (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\TDSSmaxt.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\TDSSpqlt.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

Merci ! une boîte de biscuits pour toi :)

Répondre à Scorpion571

Destrio5, le 24 oct 2008 à 21:15:43

---> Relance MBAM, va dans Quarantaine et supprime tout.

---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"

---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix\Combofix.txt

Répondre à Destrio5

Scorpion571, le 24 oct 2008 à 21:25:14

Ok mais, juste comme information rapide, est-ce que c'est la derniere étape :P ? Ouais je sais vaut mieu être sur haha :P mais je veux juste être sur que je vais pas devoir télécharger 10go d'anti virus/spyware/malware ^^. Mais bon je suis entrain de télécharger le dernier que tu m'a donné

Répondre à Scorpion571

Destrio5, le 24 oct 2008 à 21:30:25

Fais le scan avec ComboFix.

Répondre à Destrio5

Scorpion571, le 24 oct 2008 à 21:47:46

ComboFix 08-10-24.02 - Denis 2008-10-24 15:31:47.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1587 [GMT -4:00]
Lancé depuis: C:\Documents and Settings\Denis\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
* Resident AV is active

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Denis\Cookies\lyvu._sy
C:\Documents and Settings\Denis\Cookies\onubem.inf
C:\Documents and Settings\Denis\Menu Démarrer\Programmes\AntiSpywareXP2009
C:\Documents and Settings\Denis\Menu Démarrer\Programmes\AntiSpywareXP2009\AntiSpywareXP2009.lnk
C:\Documents and Settings\Denis\Menu Démarrer\Programmes\AntiSpywareXP2009\Uninstall.lnk
C:\WINDOWS\system32\nvsvc32.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TDSSSERV.SYS)
-------\Service_TDSSserv.sys)

((((((((((((((((((((((((((((( Fichiers créés du 2008-09-24 au 2008-10-24 ))))))))))))))))))))))))))))))))))))
.

2008-10-24 14:42 . 2008-10-24 14:42 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-24 14:42 . 2008-10-24 14:42 <REP> d-------- C:\Documents and Settings\Denis\Application Data\Malwarebytes
2008-10-24 14:42 . 2008-10-24 14:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-24 14:42 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-24 14:42 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-23 22:19 . 2008-10-23 22:19 <REP> d-------- C:\Program Files\Trend Micro
2008-10-23 18:18 . 2008-10-23 18:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-10-23 17:53 . 2008-10-23 17:53 <REP> d-------- C:\Program Files\Yahoo!
2008-10-23 17:53 . 2008-10-23 17:53 <REP> d-------- C:\Program Files\CCleaner
2008-10-23 16:41 . 2008-10-23 16:41 <REP> d-------- C:\Program Files\Enigma Software Group
2008-10-23 15:18 . 2008-10-23 15:18 18,767 --a------ C:\WINDOWS\dyvolow.dll
2008-10-23 15:18 . 2008-10-23 15:18 18,708 --a------ C:\WINDOWS\system32\azotidug._sy
2008-10-23 15:18 . 2008-10-23 15:18 18,084 --a------ C:\Documents and Settings\Denis\Application Data\okigopor.exe
2008-10-23 15:18 . 2008-10-23 15:18 16,745 --a------ C:\WINDOWS\yqoly.pif
2008-10-23 15:18 . 2008-10-23 15:18 16,645 --a------ C:\WINDOWS\xylox.sys
2008-10-23 15:18 . 2008-10-23 15:18 16,181 --a------ C:\Documents and Settings\Denis\Application Data\olam.reg
2008-10-23 15:18 . 2008-10-23 15:18 15,583 --a------ C:\WINDOWS\pikuraxi.scr
2008-10-23 15:18 . 2008-10-23 15:18 14,798 --a------ C:\WINDOWS\ucaxet.db
2008-10-23 15:18 . 2008-10-23 15:18 13,948 --a------ C:\WINDOWS\system32\bafukedy.reg
2008-10-23 15:18 . 2008-10-23 15:18 13,895 --a------ C:\WINDOWS\ikygif.dat
2008-10-23 15:18 . 2008-10-23 15:18 12,627 --a------ C:\WINDOWS\ufoqog._dl
2008-10-23 15:18 . 2008-10-23 15:18 12,454 --a------ C:\Program Files\Fichiers communs\acedosuzir.pif
2008-10-23 15:18 . 2008-10-23 15:18 10,603 --a------ C:\WINDOWS\system32\owyp.lib
2008-10-23 15:00 . 2008-10-23 15:00 164 --a------ C:\WINDOWS\system32\TDSSosvd.dat
2008-10-23 14:52 . 2008-10-23 14:52 164 --a------ C:\WINDOWS\system32\TDSSmtvd.dat
2008-10-21 20:04 . 2008-10-21 20:04 <REP> d-------- C:\Documents and Settings\Denis\Application Data\AdobeUM
2008-10-17 02:30 . 2008-10-18 13:51 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-17 02:30 . 2008-10-17 02:30 1,409 --a------ C:\WINDOWS\QTFont.for
2008-10-15 22:28 . 2008-09-08 06:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-15 21:53 . 2008-09-15 11:26 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 21:51 . 2008-08-14 09:23 2,191,232 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 21:51 . 2008-08-14 09:23 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 21:51 . 2008-08-14 09:23 2,068,096 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 21:51 . 2008-08-14 09:23 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-14 12:15 . 2008-10-14 12:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Blizzard
2008-10-12 05:19 . 2008-10-12 05:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-10-12 05:18 . 2008-10-12 05:18 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-10-12 05:18 . 2008-10-12 05:18 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-10-12 05:17 . 2008-10-13 11:33 <REP> d-------- C:\Program Files\Fichiers communs\Logishrd
2008-10-08 20:47 . 2008-10-08 20:47 42,320 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-09-30 23:06 . 2008-10-14 22:12 <REP> d-------- C:\Program Files\Warcraft III
2008-09-25 13:03 . 2008-10-23 16:29 <REP> d-------- C:\Program Files\Steam

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-23 21:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-23 19:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-10-23 18:12 --------- d-----w C:\Program Files\EA GAMES
2008-10-23 18:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-23 04:43 --------- d-----w C:\Documents and Settings\Denis\Application Data\Xfire
2008-10-23 02:43 137,480 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-10-23 02:42 183,120 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-10-23 01:52 --------- d-----w C:\Program Files\Xfire
2008-10-21 18:59 --------- d-----w C:\Program Files\World of Warcraft
2008-10-15 00:28 --------- d-----w C:\Program Files\StarCraft
2008-10-12 18:41 --------- d-----w C:\Program Files\Logitech
2008-10-12 09:47 --------- d-----w C:\Documents and Settings\Denis\Application Data\DivX
2008-10-08 00:48 --------- d-----w C:\Program Files\DivX
2008-10-03 01:31 --------- d-----w C:\Program Files\Diablo II
2008-10-01 03:07 --------- d-----w C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-09-23 19:40 --------- d-----w C:\Documents and Settings\Denis\Application Data\CyberLink
2008-09-23 19:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-09-15 15:26 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 01:59 --------- d-----w C:\Program Files\THQ
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-06 17:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-06 17:07 --------- d-----w C:\Program Files\Lavasoft
2008-09-06 17:07 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-08-31 16:46 --------- d-----w C:\Program Files\Stardock
2008-08-31 16:46 --------- d-----w C:\Program Files\Fichiers communs\Stardock
2008-08-29 16:07 97,928 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-08-26 08:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-24 07:31 --------- d-----w C:\Documents and Settings\Denis\Application Data\GarageGames
2008-08-14 13:23 2,191,232 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:23 2,068,096 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-05 22:02 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-08-05 22:02 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-08-05 22:02 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-08-05 22:02 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-08-05 22:02 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-08-05 22:00 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-08-05 22:00 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-08-05 21:59 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-08-05 21:59 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-08-05 21:59 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-08-05 21:59 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-08-05 21:59 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-08-05 21:59 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-08-05 21:59 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-08-05 21:59 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-08-05 21:58 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-08-05 21:58 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-08-05 21:58 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-08-05 21:58 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-08-05 21:58 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-08-05 21:58 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-08-05 21:58 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-26 01:20 86,528 ----a-w C:\WINDOWS\bnetunin.exe
2008-07-18 20:35 22,328 ----a-w C:\Documents and Settings\Denis\Application Data\PnkBstrK.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-07-18 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 86016]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-09-29 1234712]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-09-10 864256]
"nwiz"="nwiz.exe" [2008-05-16 C:\WINDOWS\system32\nwiz.exe]
"CTHelper"="CTHELPER.EXE" [2008-02-20 C:\WINDOWS\system32\CtHelper.exe]
"CTxfiHlp"="CTXFIHLP.EXE" [2008-02-20 C:\WINDOWS\system32\Ctxfihlp.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 23:34 24576 C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"C:\Nexon\Combat Arms\CombatArms.exe"= C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms\Engine.exe"= C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"C:\\Nexon\\Combat Arms\\NMService.exe"=
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"C:\\Program Files\\THQ\\Titan Quest Immortal Throne\\Tqit.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\Program Files\\Warcraft III\\Frozen Throne.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-29 97928]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-29 875288]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-29 231704]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-07-17 76040]
R2 CTAudSvcService;Creative Audio Service;C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-03-07 417792]
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2008-02-25 1172504]
S3 ADM8511;Convertisseur USB vers Fast Ethernet ADMtek ADM8511/AN986;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS [2001-08-17 20160]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\Launch.exe
.
Contenu du dossier 'Tâches planifiées'

2008-07-17 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2006-10-10 17:13]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\xj7y44gk.default\
FF -: plugin - C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF -: plugin - C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\xj7y44gk.default\extensions\iaplayer@instantaction.com\plugins\npiaplayer.dll
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-24 15:35:17
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

PROCESSUS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\system32\SETUPAPI.dll
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\CTxfispi.exe
C:\Program Files\MagicTune Premium\MagicTune.exe
.
**************************************************************************
.
Heure de fin: 2008-10-24 15:39:07 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-24 19:39:02

Avant-CF: 193 247 563 776 octets libres
Après-CF: 193,212,600,320 octets libres

244 --- E O F --- 2008-10-16 10:45:45

Répondre à Scorpion571

Destrio5, le 24 oct 2008 à 22:03:36

/!\ Seul Scorpion571 peut suivre cette procédure /!\

1/

---> Clique sur Démarrer, Exécuter, tape notepad clique sur OK.

---> Copie le texte ci-dessous par sélection puis Ctrl+C :

KillAll::

File::
C:\WINDOWS\dyvolow.dll
C:\WINDOWS\system32\azotidug._sy
C:\Documents and Settings\Denis\Application Data\okigopor.exe
C:\WINDOWS\yqoly.pif
C:\WINDOWS\xylox.sys
C:\Documents and Settings\Denis\Application Data\olam.reg
C:\WINDOWS\pikuraxi.scr
C:\WINDOWS\ucaxet.db
C:\WINDOWS\system32\bafukedy.reg
C:\WINDOWS\ikygif.dat
C:\WINDOWS\ufoqog._dl
C:\Program Files\Fichiers communs\acedosuzir.pif
C:\WINDOWS\system32\owyp.lib
C:\WINDOWS\system32\TDSSosvd.dat
C:\WINDOWS\system32\TDSSmtvd.dat

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]

---> Colle la sélection dans le bloc-notes

---> Enregistre ce fichier sur le bureau (Impératif)

---> Nom du fichier : CFScript
---> Type du fichier : tous les fichiers
---> Clique sur Enregistrer
---> Quitte le bloc-notes

2/

---> Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :
http://www.searchengines.pl/...

[*] Une fenêtre bleue va apparaître : au message qui apparaît, tu acceptes.

[*] Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
Ne touche à rien tant que le scan n'est pas terminé.

[*] Une fois le scan achevé, un rapport va s'afficher : poste-le

[*] Si le fichier ne s'ouvre pas, il se trouve ici C:\ComboFix.txt

Répondre à Destrio5

Scorpion571, le 24 oct 2008 à 22:10:42

Je viens d'eseiller mais rien se passe...

Répondre à Scorpion571

Destrio5, le 24 oct 2008 à 22:12:27

Bizarre. On va procéder autrement.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:files
C:\WINDOWS\dyvolow.dll
C:\WINDOWS\system32\azotidug._sy
C:\Documents and Settings\Denis\Application Data\okigopor.exe
C:\WINDOWS\yqoly.pif
C:\WINDOWS\xylox.sys
C:\Documents and Settings\Denis\Application Data\olam.reg
C:\WINDOWS\pikuraxi.scr
C:\WINDOWS\ucaxet.db
C:\WINDOWS\system32\bafukedy.reg
C:\WINDOWS\ikygif.dat
C:\WINDOWS\ufoqog._dl
C:\Program Files\Fichiers communs\acedosuzir.pif
C:\WINDOWS\system32\owyp.lib
C:\WINDOWS\system32\TDSSosvd.dat
C:\WINDOWS\system32\TDSSmtvd.dat

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]

---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

Répondre à Destrio5

Scorpion571, le 24 oct 2008 à 22:28:42

Finalement sa la marcher avec ComboFix apres le 4eme essais...

ComboFix 08-10-24.02 - Denis 2008-10-24 16:15:13.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1566 [GMT -4:00]
Lancé depuis: C:\Documents and Settings\Denis\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Denis\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
C:\Documents and Settings\Denis\Application Data\okigopor.exe
C:\Documents and Settings\Denis\Application Data\olam.reg
C:\Program Files\Fichiers communs\acedosuzir.pif
C:\WINDOWS\dyvolow.dll
C:\WINDOWS\ikygif.dat
C:\WINDOWS\pikuraxi.scr
C:\WINDOWS\system32\azotidug._sy
C:\WINDOWS\system32\bafukedy.reg
C:\WINDOWS\system32\owyp.lib
C:\WINDOWS\system32\TDSSmtvd.dat
C:\WINDOWS\system32\TDSSosvd.dat
C:\WINDOWS\ucaxet.db
C:\WINDOWS\ufoqog._dl
C:\WINDOWS\xylox.sys
C:\WINDOWS\yqoly.pif
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Denis\Application Data\okigopor.exe
C:\Documents and Settings\Denis\Application Data\olam.reg
C:\Program Files\Fichiers communs\acedosuzir.pif
C:\WINDOWS\dyvolow.dll
C:\WINDOWS\ikygif.dat
C:\WINDOWS\pikuraxi.scr
C:\WINDOWS\system32\azotidug._sy
C:\WINDOWS\system32\bafukedy.reg
C:\WINDOWS\system32\owyp.lib
C:\WINDOWS\system32\TDSSmtvd.dat
C:\WINDOWS\system32\TDSSosvd.dat
C:\WINDOWS\ucaxet.db
C:\WINDOWS\ufoqog._dl
C:\WINDOWS\xylox.sys
C:\WINDOWS\yqoly.pif

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-24 au 2008-10-24 ))))))))))))))))))))))))))))))))))))
.

2008-10-24 14:42 . 2008-10-24 14:42 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-24 14:42 . 2008-10-24 14:42 <REP> d-------- C:\Documents and Settings\Denis\Application Data\Malwarebytes
2008-10-24 14:42 . 2008-10-24 14:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-24 14:42 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-24 14:42 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-23 22:19 . 2008-10-23 22:19 <REP> d-------- C:\Program Files\Trend Micro
2008-10-23 18:18 . 2008-10-23 18:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-10-23 17:53 . 2008-10-23 17:53 <REP> d-------- C:\Program Files\Yahoo!
2008-10-23 17:53 . 2008-10-23 17:53 <REP> d-------- C:\Program Files\CCleaner
2008-10-23 16:41 . 2008-10-23 16:41 <REP> d-------- C:\Program Files\Enigma Software Group
2008-10-21 20:04 . 2008-10-21 20:04 <REP> d-------- C:\Documents and Settings\Denis\Application Data\AdobeUM
2008-10-17 02:30 . 2008-10-18 13:51 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-17 02:30 . 2008-10-17 02:30 1,409 --a------ C:\WINDOWS\QTFont.for
2008-10-15 22:28 . 2008-09-08 06:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-15 21:53 . 2008-09-15 11:26 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 21:51 . 2008-08-14 09:23 2,191,232 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 21:51 . 2008-08-14 09:23 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 21:51 . 2008-08-14 09:23 2,068,096 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 21:51 . 2008-08-14 09:23 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-14 12:15 . 2008-10-14 12:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Blizzard
2008-10-12 05:19 . 2008-10-12 05:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-10-12 05:18 . 2008-10-12 05:18 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-10-12 05:18 . 2008-10-12 05:18 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-10-12 05:17 . 2008-10-13 11:33 <REP> d-------- C:\Program Files\Fichiers communs\Logishrd
2008-10-08 20:47 . 2008-10-08 20:47 42,320 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-09-30 23:06 . 2008-10-14 22:12 <REP> d-------- C:\Program Files\Warcraft III
2008-09-25 13:03 . 2008-10-23 16:29 <REP> d-------- C:\Program Files\Steam

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-23 21:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-23 19:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-10-23 18:12 --------- d-----w C:\Program Files\EA GAMES
2008-10-23 18:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-23 04:43 --------- d-----w C:\Documents and Settings\Denis\Application Data\Xfire
2008-10-23 02:43 137,480 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-10-23 02:42 183,120 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-10-23 01:52 --------- d-----w C:\Program Files\Xfire
2008-10-21 18:59 --------- d-----w C:\Program Files\World of Warcraft
2008-10-15 00:28 --------- d-----w C:\Program Files\StarCraft
2008-10-12 18:41 --------- d-----w C:\Program Files\Logitech
2008-10-12 09:47 --------- d-----w C:\Documents and Settings\Denis\Application Data\DivX
2008-10-08 00:48 --------- d-----w C:\Program Files\DivX
2008-10-03 01:31 --------- d-----w C:\Program Files\Diablo II
2008-10-01 03:07 --------- d-----w C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-09-23 19:40 --------- d-----w C:\Documents and Settings\Denis\Application Data\CyberLink
2008-09-23 19:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-09-15 15:26 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 01:59 --------- d-----w C:\Program Files\THQ
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-06 17:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-06 17:07 --------- d-----w C:\Program Files\Lavasoft
2008-09-06 17:07 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-08-31 16:46 --------- d-----w C:\Program Files\Stardock
2008-08-31 16:46 --------- d-----w C:\Program Files\Fichiers communs\Stardock
2008-08-29 16:07 97,928 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-08-26 08:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-24 07:31 --------- d-----w C:\Documents and Settings\Denis\Application Data\GarageGames
2008-08-14 13:23 2,191,232 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:23 2,068,096 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-05 22:02 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-08-05 22:02 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-08-05 22:02 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-08-05 22:02 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-08-05 22:02 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-08-05 22:00 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-08-05 22:00 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-08-05 21:59 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-08-05 21:59 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-08-05 21:59 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-08-05 21:59 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-08-05 21:59 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-08-05 21:59 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-08-05 21:59 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-08-05 21:59 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-08-05 21:58 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-08-05 21:58 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-08-05 21:58 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-08-05 21:58 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-08-05 21:58 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-08-05 21:58 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-08-05 21:58 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-26 01:20 86,528 ----a-w C:\WINDOWS\bnetunin.exe
2008-07-18 20:35 22,328 ----a-w C:\Documents and Settings\Denis\Application Data\PnkBstrK.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-07-18 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 86016]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-09-29 1234712]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-09-10 864256]
"nwiz"="nwiz.exe" [2008-05-16 C:\WINDOWS\system32\nwiz.exe]
"CTHelper"="CTHELPER.EXE" [2008-02-20 C:\WINDOWS\system32\CtHelper.exe]
"CTxfiHlp"="CTXFIHLP.EXE" [2008-02-20 C:\WINDOWS\system32\Ctxfihlp.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 23:34 24576 C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"C:\Nexon\Combat Arms\CombatArms.exe"= C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms\Engine.exe"= C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"C:\\Nexon\\Combat Arms\\NMService.exe"=
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"C:\\Program Files\\THQ\\Titan Quest Immortal Throne\\Tqit.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\Program Files\\Warcraft III\\Frozen Throne.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-29 97928]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-29 875288]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-29 231704]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-07-17 76040]
R2 CTAudSvcService;Creative Audio Service;C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-03-07 417792]
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2008-02-25 1172504]
S3 ADM8511;Convertisseur USB vers Fast Ethernet ADMtek ADM8511/AN986;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS [2001-08-17 20160]
.
Contenu du dossier 'Tâches planifiées'

2008-07-17 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2006-10-10 17:13]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-24 16:18:33
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

PROCESSUS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll

PROCESSUS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\CTxfispi.exe
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\MagicTune Premium\MagicTune.exe
.
**************************************************************************
.
Heure de fin: 2008-10-24 16:24:09 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-24 20:24:03
ComboFix2.txt 2008-10-24 19:39:08

Avant-CF: 193 154 994 176 octets libres
Après-CF: 193,178,832,896 octets libres

240 --- E O F --- 2008-10-16 10:45:45

Répondre à Scorpion571

Destrio5, le 24 oct 2008 à 22:43:17

---> Poste un nouveau rapport HijackThis.

Répondre à Destrio5

Scorpion571, le 24 oct 2008 à 22:45:00

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:44:41, on 2008-10-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Stardock\Object Desktop\ThemeManager\wbload.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MagicTune Premium\MagicTune.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SpyHunter Security Suite] "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O18 - Protocol: bw+0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
End of file - 19019 bytes

Répondre à Scorpion571

Destrio5, le 24 oct 2008 à 23:17:05

---> Mets à jour Java :
http://www.java.com/fr/download/manual.jsp

---> Relance HijackThis et choisis Do a system scan only

---> Coche toutes les cases 018 sauf celle d'AVG.

---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

---> Redémarre ton PC et poste le rapport.

Répondre à Destrio5

Scorpion571, le 24 oct 2008 à 23:24:58

Ok je suis entrain de le faire mais, ya til des erreurs avec mon ordi? car moi jy comprend rien au rapport hijackthis :P

Répondre à Scorpion571

Destrio5, le 24 oct 2008 à 23:28:30

"O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe (file missing)"

---> ComboFix a supprimé ce fichier alors qu'il est légitime. Il faut que tu réinstalles le pilote vidéo. Si tu ne sais pas où le trouver, donne-moi la marque et modèle de ton PC.

Répondre à Destrio5

Scorpion571, le 24 oct 2008 à 23:29:56

Ah ok oui je sais ou l'avoir

Répondre à Scorpion571

Scorpion571, le 24 oct 2008 à 23:44:14

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:42:52, on 2008-10-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Stardock\Object Desktop\ThemeManager\wbload.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MagicTune Premium\MagicTune.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SpyHunter Security Suite] "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O18 - Protocol: bw+0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {1C43D813-AED9-46C5-BA7F-1879B98C6009} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
End of file - 19269 bytes

et voila... jai fixer le driver

Répondre à Scorpion571

29 réponses 12 Suivant

Posez votre question Répondre