Troyen JS/Wonka et spywares

Question

FORUM high-tech

SECURITE

Sécurité

Troyen JS/Wonka et spywares

Recherche :

11 utilisateurs inconnus

Mot : Pseudo : Filtrer
Page : 1 Bas de page
Auteur	Sujet : Troyen JS/Wonka et spywares

Fanny001

Bébé forumeur (De 10 à 49 messages postés)

Bonjour,

Mon antivirus (McAfee) a détecté le troyen JS/Wonka et je suis envahie par des popups publicitaires du genre amaena, system doctor 2006, ZEDO, Win Antivirus Pro 2006 etc.
J'ai passé plusieurs utilitaires anti spywares et anti virus mais rien à faire :pleure:

Je suis sous Windows XP Edition Familiale SP2, processeur Pentium 4 530 Hyper Treading, mémoire 512 Mo, disque dur 80 Go.

Merci d'avance pour votre aide.

(Publicité)

Page :

1

Haut de page

Sujets relatifs
errur windows due aux trojans ou spywares	[Résolu] Troyen win32:Agent-Vm[trj]
Troyen Win32 Medbot-AM	[Résolu] Trojan-downloader.JS.Psyme.cm
HELP: probleme troyen win32/svchost.exe	troyen trojan horse proxy.gdl et module exmodule32.exe etc
Après un troyen ? PC qui rame, Parefeu windows désactivé !	troyen swizzor gen
troyen Win32:Zlob-BN [Trj].	Troyen Alemod
Plus de sujets relatifs à : Troyen JS/Wonka et spywares

Les 5 sujets de discussion précédents	Nombre de réponses	Dernier message
icone avast disparu	0	13/11/2006 à 20:43:57
virus msn messages espagnol	3	01/12/2006 à 23:32:44
mon pc est infecté! de l'aide	17	15/11/2006 à 19:10:05
norton internet sécurité[résolu]	12	15/11/2006 à 21:57:35
Trojan ibm00001.exe	14	16/11/2006 à 02:02:43

Angeldark · Answer 1 · Posté le 13/11/2006 à 20:57:43

Bonsoir, Fais bien TOUT ce qui suit. - Télécharge Hijackthis de Merjin - Mets le dans un dossier ou sur ton bureau -- Clique Droit sur Hijackthis : -> Choisis " Renommer " -> Tape Scanner.exe puis valide - Lance l'application - Choisis l'option Do a system scan and save a logfile -- Le Bloc-Notes s'ouvre : -> Edition / Sélectionner Tout -> Edition / Copier - Colle le rapport ici. Aide sur Hijackthis

Fanny001 · Answer 2 · Posté le 13/11/2006 à 22:12:00

Voilà le rapport... Logfile of HijackThis v1.99.1 Scan saved at 22:02:07, on 13.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\Program Files\VeriSign\NAVI\naviagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\WINDOWS\system32\LVCOMSX.EXE c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\Documents and Settings\Fairy\Bureau\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: c:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: autoclk.exe O4 - HKLM\..\Run: adiras.exe O4 - HKLM\..\Run: C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing) O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing) O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,90/mcinsctl.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C7B0A0B3-F4FC-464B-BD4C-56B15AE76ECF}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: bw+0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Angeldark · Answer 3 · Posté le 13/11/2006 à 22:25:30

Re, Télécharge Blacklight ( F-Secure ), clique sur " I ACCEPT " en bas de la page : Clique sur le premier " Download " afin de télécharger le programme Sauvegarde le sur ton Bureau Double-clique blbeta.exe et accepte la licence; clique Scan puis Next . A la fin du scan, NE TOUCHE A RIEN ! Tu verras un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres). Nous devons analyser ce rapport, ferme donc le BlackLight. Poste le rapport sur le forum. Aide sur BlackLight de Malekal_Morte

Fanny001 · Answer 4 · Posté le 13/11/2006 à 22:38:16

Voilà 11/13/06 22:35:21 : BlackLight Engine 1.0.47 initialized 11/13/06 22:35:21 : OS: 5.1 build 2600 (Service Pack 2) 11/13/06 22:35:21 : 7019 4 11/13/06 22:35:21 : 7005 0 11/13/06 22:35:21 : 7006 0 11/13/06 22:35:22 : 7011 804 11/13/06 22:35:22 : 7026 0 11/13/06 22:35:22 : 7026 0 11/13/06 22:35:22 : 7024 3 11/13/06 22:35:22 : Hidden process: C:\windows\system32\ysmxrdoicn.exe 11/13/06 22:35:22 : FSRAW library version 1.7.1020 11/13/06 22:36:41 : Hidden file: c:\WINDOWS\Prefetch\YSMXRDOICN.EXE-22D849BB.pf 11/13/06 22:36:41 : 10002 1 11/13/06 22:36:57 : Hidden file: c:\WINDOWS\SYSTEM32\ysmxrdoicn.dat 11/13/06 22:36:57 : 10002 1 11/13/06 22:36:57 : Hidden file: C:\windows\system32\ysmxrdoicn.exe 11/13/06 22:36:58 : 10002 1 11/13/06 22:36:58 : Hidden file: c:\WINDOWS\SYSTEM32\ysmxrdoicn_nav.dat 11/13/06 22:36:58 : 10002 1 11/13/06 22:36:58 : Hidden file: c:\WINDOWS\SYSTEM32\ysmxrdoicn_navps.dat 11/13/06 22:36:58 : 10002 1 11/13/06 22:37:08 : 7007 0

Fanny001 · Answer 5 · Posté le 14/11/2006 à 12:09:29

Bonjour, Merci à Angeldark pour son aide. Est-ce que quelqu'un peut m'aider pour l'analyse du rapport BlackLight que j'ai posté ? J'ai encore des fenêtres popup intempestives qui s'affichent tout le temps. D'autre part, je voudrais savoir comment ce genre d'infection se produit, sites à éviter etc. Merci d'avance

Angeldark · Answer 6 · Posté le 14/11/2006 à 17:46:02

Re, Les manipulations sont à faire sans interruption et dans l'ordre Si tu ne comprends pas quelque chose, demande des explications avant de commencer. Enregistre cette page pour avoir accès à la procédure en mode sans échec : - Fichier - Enregistrer Sous... - Nom du fichier : Procédure - Type : Page Web, complète - Pour l'emplacement, chosis ton Bureau - Clique maintenant sur Enregistrer Télécharge : Brute Force Uninstaller (de Merjin) . Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU) Navipromo.zip et décompresse-le sur ton bureau. FAIS UN CLIQUE-DROIT ICI et choisis " Enregistrer la cible sous... " afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde-le dans le dossier créé (C:\BFU). Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important). Note : Si tu utlises Internet Explorer ; lors de la sauvegarde, assure-toi que le champs " Type : " affiche " Tous les fichiers ". AIDE : Comment installer et utiliser BFU ? Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis " Mode Sans Échec " et valide avec " Entrée ". Choisis ton compte usuel, et non Administrateur. Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU) - Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute , et double-clique sur : EGDACCESS.bfu - Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu Clique sur Execute et laisse-le faire son travail. Attends que Complete script execution apparaîsse pour cliquer sur OK . Clique Exit pour fermer le programme BFU. Lance le fichier Navipromo.bat qui se trouve sur ton bureau dans le dossier Navipromo . Sélectionne l'option "Recherche et suppression automatique". Patiente pendant le scan. S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé. Redémarre normalement. Poste les rapports : - Hijackthis - C:\ egd.txt - C:\ Navipromo.txt

Fanny001 · Answer 7 · Posté le 14/11/2006 à 18:28:05

Voilà le rapport Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 18:20:17, on 14.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\Program Files\VeriSign\NAVI\naviagent.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\WINDOWS\system32\LVCOMSX.EXE c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\WinZip\WZQKPICK.EXE c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Documents and Settings\Fairy\Bureau\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: C:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: autoclk.exe O4 - HKLM\..\Run: adiras.exe O4 - HKLM\..\Run: C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing) O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing) O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,90/mcinsctl.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C7B0A0B3-F4FC-464B-BD4C-56B15AE76ECF}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: bw+0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe le rapport egd.txt Windows Registry Editor Version 5.00 "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe" "SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe" "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" "DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask" "MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe" "MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe" "UpdateManager"="\"C:\\Program Files\\Fichiers communs\\Sonic\\Update Manager\\sgtray.exe\" /r" "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "DMXLauncher"="C:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe" "VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe" "autoclk"="autoclk.exe" "adiras"="adiras.exe" "MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe" "RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER" "HP Software Update"="\"C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\"" "WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe" "WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\TaskbarIcon.exe" "WooCnxMon"="C:\\PROGRA~1\\Wanadoo\\CnxMon.exe" "OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe" "UserFaultCheck"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,\ 6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,\ 00,64,00,75,00,6d,00,70,00,72,00,65,00,70,00,20,00,30,00,20,00,2d,00,75,00,\ 00,00 "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE" "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe " "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe" "ysmxrdoicn"="c:\\windows\\system32\\ysmxrdoicn.exe ysmxrdoicn" "Installed"="1" "NoChange"="1" "Installed"="1" "Installed"="1" Navipromo.txt Rapport Navipromo.bat 0.5 effectué le 14.11.2006 à 18:15:15,00 ** Recherche... Fin du rapport de recherche Adware Navipromo non trouvé avec cette méthode ------------- Rapport Navipromo.bat 0.5 effectué le 14.11.2006 à 18:17:04,71 ** Recherche... Fin du rapport de recherche Adware Navipromo non trouvé avec cette méthode Un grand merci pour ton aide !

Angeldark · Answer 8 · Posté le 14/11/2006 à 18:35:43

Re, Ouvre le Bloc-Notes et copie-colle les lignes en bleu ci-dessous : RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ysmxrdoicn RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ysmxrdoicn FileDelete %SYSDIR%\ysmxrdoicn_navps.dat FileDelete %SYSDIR%\ysmxrdoicn_nav.dat FileDelete %SYSDIR%\ysmxrdoicn.dat FileDelete %SYSDIR%\ysmxrdoicn.exe FileDelete %WINDIR%\PREFETCH\ysmxrdoicn.exe*.pf SystemEmptyRecycleBin FileDelete C:\egd.txt SystemRun regedit|/e C:\egd.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"|0 OptionBFUExit Sauvegarde dans le dossier créé (C:\BFU) (Nom du fichier : "Fixme.bfu " -sans inclure les guillemets- ; Type : Tous les fichiers). Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur. Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU) - Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute , et double-clique sur : EGDACCESS.bfu - Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu Clique sur Execute et laisse-le faire son travail. Attendre que Complete script execution apparaîsse et clique sur OK . Clique Exit pour fermer le programme BFU. Relance ensuite BFU - Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute , et double-clique sur : Fixme.bfu Clique sur Execute et laisse-le faire son travail. Redémarre normalement. Poste les rapports situés ici : C:\egd.txt accompagné d'un rapport Hijackthis. NOTE : Si tu ne sais pas où trouver le Bloc-Notes, voici comment le trouver rapidement : Démarrer-> Exécuter...-> Tape Notepad puis valide

Fanny001 · Answer 9 · Posté le 14/11/2006 à 20:42:52

Rapport egd.txt Windows Registry Editor Version 5.00 "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe" "SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe" "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" "DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask" "MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe" "MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe" "UpdateManager"="\"C:\\Program Files\\Fichiers communs\\Sonic\\Update Manager\\sgtray.exe\" /r" "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "DMXLauncher"="C:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe" "VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe" "autoclk"="autoclk.exe" "adiras"="adiras.exe" "MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe" "RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER" "HP Software Update"="\"C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\"" "WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe" "WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\TaskbarIcon.exe" "WooCnxMon"="C:\\PROGRA~1\\Wanadoo\\CnxMon.exe" "OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe" "UserFaultCheck"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,\ 6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,\ 00,64,00,75,00,6d,00,70,00,72,00,65,00,70,00,20,00,30,00,20,00,2d,00,75,00,\ 00,00 "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE" "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe " "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe" "Installed"="1" "NoChange"="1" "Installed"="1" "Installed"="1" Rapport Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 20:38:41, on 14.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\Program Files\VeriSign\NAVI\naviagent.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Logitech\Video\FxSvr2.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Documents and Settings\Fairy\Bureau\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: C:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: autoclk.exe O4 - HKLM\..\Run: adiras.exe O4 - HKLM\..\Run: C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing) O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing) O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,90/mcinsctl.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C7B0A0B3-F4FC-464B-BD4C-56B15AE76ECF}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: bw+0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {151A2223-44F4-4826-92B2-DE25D625F141} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Angeldark · Answer 10 · Posté le 14/11/2006 à 20:45:55

Angeldark

Débutant confirmé (de 1 000 à 4 999 messages postés)

D'autres problèmes ?

Fanny001 · Answer 11 · Posté le 14/11/2006 à 20:52:18

Fanny001

A priori non... C'est bon selon toi ?

Fanny001 · Answer 12 · Posté le 14/11/2006 à 20:55:55

Fanny001

Bon j'ai encore eu un popup :/

Angeldark · Answer 13 · Posté le 14/11/2006 à 20:57:06

Re, Avec Internet Explorer Fais un scan en ligne Panda - Clique sur " Scan your PC " - Ensuite sur " Check Now " - /!\ Clique en bas sur " I don't Accept " Entre ton adresse e-mail puis commence le scan - Poste le rapport en fin d'analyse Si tu as Avast! désactive-le lors du scan

Fanny001 · Answer 14 · Posté le 14/11/2006 à 21:25:54

Fanny001

Voilà...

Incident Status Location Potentially unwanted tool:application/funweb Not disinfected c:\windows\downloaded program files\f3initialsetup1.0.0.15.inf Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Fairy\Cookies\fairy@atdmt[1].txt Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Fairy\Cookies\fairy@bs.serving-sys[2].txt Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Fairy\Cookies\fairy@questionmarket[1].txt Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Fairy\Cookies\fairy@serving-sys[2].txt Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Fairy\Cookies\fairy@weborama[2].txt

Angeldark · Answer 15 · Posté le 14/11/2006 à 21:33:42

- Assure toi d'avoir accès aux dossiers/fichiers cachés -> Démarrer -> Panneau de configuration -> Options des Dossiers, onglet Affichage : . Clique sur Afficher les dossiers cachés . Décoche Masquer les extensions des fichiers dont le type est connu . Décoche Masquer les fichiers protégés du système d'exploitation Supprime : c:\windows\downloaded program files\f3initialsetup1.0.0.15.inf Télécharge puis installe AVG Anti-Spyware (AVG AS) Une fois AVG AS lancé, clique sur " Mise à jour " Ferme le programme. AIDE : Tuto de Malekal Redémarre en mode sans échec Relance AVG AS puis choisis l'onglet "Analyse" Puis l'onglet " Paramètres " Sous la question " Comment réagir ? ", clique sur " Actions recommandées " et choisis " Quarantaine " Re-clique sur l'onglet " Analyse " puis réalise une " Analyse complète du système " /!\ Si un fichier est infecté en fin d'analyse /!\ Clique sur " Appliquer toutes les actions " Clique sur " Enregistrer le rapport " puis sur " Enregistrer le rapport sous " Enregistre ce fichier texte sur ton bureau. Redémarre normalement Copie/Colle le rapport ici.

Fanny001 · Answer 16 · Posté le 14/11/2006 à 21:42:17

Fanny001

J'ai fait ce que tu m'as dit mais je ne trouve pas c:\windows\downloaded program files\f3initialsetup1.0.0.15.inf

Angeldark · Answer 17 · Posté le 14/11/2006 à 21:43:50

Angeldark

Continue

Fanny001 · Answer 18 · Posté le 14/11/2006 à 22:49:25

Voilà le rapport. Spybot m'avait déjà identifié ces tracking cookies mais ils reviennent tout le temps. En ce qui concerne le fichier que je n'ai pas trouvé, que dois-je faire ? --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 22:42:31 14.11.2006 + Résultat de l'analyse: C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP343\A0300985.exe -> Adware.Trymedia : Nettoyé. C:\Documents and Settings\Fairy\Cookies\fairy@atdmt .txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\Fairy\Cookies\fairy@doubleclick .txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\Fairy\Cookies\fairy@questionmarket .txt -> TrackingCookie.Questionmarket : Nettoyé. C:\Documents and Settings\Fairy\Cookies\fairy@bs.serving-sys .txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\Fairy\Cookies\fairy@serving-sys .txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\Fairy\Cookies\fairy@weborama .txt -> TrackingCookie.Weborama : Nettoyé. Fin du rapport

Angeldark · Answer 19 · Posté le 15/11/2006 à 13:36:28

Angeldark

D'autres problème ?

Fanny001 · Answer 20 · Posté le 15/11/2006 à 13:48:43

Bonjour, Tout a l'air d'être rentré dans l'ordre. Mille mercis pour ton aide ! Peux-tu juste me dire ce que je dois faire pour éviter que cela ne se reproduise ?

Angeldark · Answer 21 · Posté le 15/11/2006 à 14:08:24

Dénonce ton infection (EGDACCESS) pour faire condamner les auteurs , ça serait sympa. Crée un message pour faire avancer les choses sur Malware-Complaints , nous devons être le plus nombreux possibles, alors rends compte de ton infection. AIDE : Comment rapporter son infection sur Malware-Complaints ? Consulte cette page pour éviter que ces problèmes ne réapparaissent pas.

Fanny001 · Answer 22 · Posté le 15/11/2006 à 14:30:47

Fanny001

C'est fait !
Encore merci de ton aide !
A+

Angeldark · Answer 23 · Posté le 15/11/2006 à 14:34:53

Angeldark

Merci