[virus] infected by win32.hllw.vb.ak?

Solved/Closed
hsshaman Posts: 30, Registered: Monday 8 May 2006, Status: Member, Last seen: 14 July 2009 - 8 June 2006 at 22:32
hsshaman Posts: 30, Registered: Monday 8 May 2006, Status: Member, Last seen: 14 July 2009 - 31 August 2007 at 18:00
Hello,
Kaspersky warned me that the PC was infected with "virus win32.hllw.vb.ak", but I could not find that exact name on Kaspersky's site. I deleted the file manually because Kaspersky could not do it, but I found the virus somewhere else after a new scan.
I tried several methods, registryfix, ashampoo and online antivirus scanners, but apart from Panda, which found eicar.mod (bravo!), the others see nothing...
Attached are the reports from Ewido (I made two, for "no time right now" reasons, and the first one is more detailed!), BitDefender and HijackThis. Thanks in advance.

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 21:47:49, 08/06/2006
+ Somme de contrôle: E41FED41

+ Résultats du scan:

C:\Documents and Settings\Domie\Cookies\domie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder


::Fin du rapport

--------------------------------------------------------

+ Créé le: 02:06:26, 20/05/2006
+ Somme de contrôle: 99B7A5CF

+ Résultats du scan:

C:\Documents and Settings\Domie\Cookies\domie@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@com[1].txt -> TrackingCookie.Com : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@revenue[2].txt -> TrackingCookie.Revenue : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Cookies\domie@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Local Settings\Temp\temp.fr6F81\NavHelper\v2.0.4c\NHelper.dll -> Adware.NavExcel : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Local Settings\Temp\temp.fr6F81\NavHelper\v2.0.4c\NHUninstaller.exe -> Adware.NavExcel : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Local Settings\Temp\temp.fr6F81\NavHelper\v2.0.4c\v2.0.4c.cab/NHelper.dll -> Adware.NavExcel : Nettoyer et sauvegarder
C:\Documents and Settings\Domie\Local Settings\Temp\temp.fr6F81\NavHelper\v2.0.4c\v2.0.4c.cab/NHUninstaller.exe -> Adware.NavExcel : Nettoyer et sauvegarder


::Fin du rapport



BitDefender Online Scanner

Scan report generated at: Thu, Jun 08, 2006 - 01:08:27
Scan path: C:\;D:\;E:\;

Statistics
Time: 01:50:24
Files: 373650
Folders: 936
Boot Sectors: 2
Archives: 3049
Packed Files: 65338

Results
Identified Viruses: 1
Infected Files: 4
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 4

Engines Info
Virus Definitions: 386940
Engine build: AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins: 13
Archive plugins: 40
Unpack plugins: 4
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes



Scanned File | Status
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0008 | Detected with: Adware.Navexcel.A
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0008 | Disinfection failed
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0008 | Deleted
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o) | Update failed
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010=>NHelper.dll | Detected with: Adware.Navexcel.A
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010=>NHelper.dll | Disinfection failed
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010=>NHelper.dll | Deleted
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010 | Update failed
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010=>NHUninstaller.exe | Detected with: Adware.Navexcel.A
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010=>NHUninstaller.exe | Disinfection failed
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010=>NHUninstaller.exe | Deleted
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010 | Update failed
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010=>NHUpdater.exe | Detected with: Adware.Navexcel.A
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010=>NHUpdater.exe | Disinfection failed
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010=>NHUpdater.exe | Deleted
C:\Documents and Settings\Domie\Mes documents\domie\jeux\colortetris.exe=>(NSIS o)=>lzma_nsis0010 | Update failed



Logfile of HijackThis v1.99.1
Scan saved at 22:03:33, on 08/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Wanadoo\Synchronisation Wanadoo\Voxsync.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [OfficeGuard RegChecker] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ogrc.exe"
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /wait
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - Startup: BoontyBox 01net.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Synchronisation Wanadoo.lnk = ?
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: bw+0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


And there you go! Thanks again in advance, and see you later

hsshaman, not a simple mind...
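A HijackThis log of this size is easier to triage once the repeated entries are collapsed. The following is an added example, not part of the original post and not HijackThis code: it parses lines in the `Ox - ...` format shown above, groups the O18 protocol handlers by CLSID and target DLL, and lists the entries a reviewer would look at first. The function names are hypothetical; the sample is a subset of lines copied from the log above.

```python
import re
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Optional

# Subset of lines copied from the HijackThis log above (not the full log).
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: bw+0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

ENTRY_RE = re.compile(r"^(R[0-3]|N[1-4]|F[0-3]|O\d{1,2}) - (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
PROTOCOL_RE = re.compile(r"^Protocol: (\S+) - (\{[^}]+\}) - (.*)$")
MISSING = "(file missing)"


@dataclass
class Entry:
    section: str            # e.g. "O18"
    body: str               # everything after "O18 - "
    clsid: Optional[str]    # upper-cased CLSID if the entry carries one
    file_missing: bool      # HijackThis appended "(file missing)"


def parse_log(text):
    """Return the section entries; header and process-list lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        section, body = m.groups()
        clsid = CLSID_RE.search(body)
        entries.append(Entry(section, body,
                             clsid.group(0).upper() if clsid else None,
                             body.endswith(MISSING)))
    return entries


def section_counts(entries):
    """Number of entries per HijackThis section code."""
    return dict(Counter(e.section for e in entries))


def group_protocols(entries):
    """Collapse O18 lines: (CLSID, target DLL) -> list of protocol names."""
    groups = defaultdict(list)
    for e in entries:
        m = PROTOCOL_RE.match(e.body) if e.section == "O18" else None
        if m:
            name, clsid, target = m.groups()
            target = target.replace(MISSING, "").strip().strip('"')
            groups[(clsid.upper(), target)].append(name)
    return dict(groups)


def review_items(entries):
    """Entries worth a manual look; a note is a hint, not a verdict."""
    notes = []
    for e in entries:
        if e.file_missing:
            notes.append((e.section, "target file missing", e.body))
        if e.section == "O16" and re.search(r"\) -\s*$", e.body):
            notes.append((e.section, "no download source recorded", e.body))
        if e.section == "O23" and " - Unknown owner - " in e.body:
            notes.append((e.section, "no vendor name read from the binary", e.body))
    return notes


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    print(section_counts(parsed))
    for (clsid, dll), names in group_protocols(parsed).items():
        print(f"O18 {clsid} -> {dll}: {len(names)} protocol name(s)")
    for section, reason, body in review_items(parsed):
        print(f"[{section}] {reason}: {body}")
```
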

4 replies

aranjuez31 Posts: 8047, Registered: Monday 7 November 2005, Status: Contributor, Last seen: 9 July 2006 354
9 June 2006 at 01:17
Hello

a bit of housekeeping to see things more clearly
open HijackThis
tick and fix everything that follows

and post another HijackThis log afterwards:

O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - https://www.epson.eu/support/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
+
O18 - Protocol: bw+0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F4CBEC51-3D8B-4DE4-9B88-C25C41A2550A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
aranjuez31 Posts 8047 Registration date Monday 7 November 2005 Status Contributor Last activity 9 July 2006 354
9 June 2006 at 01:24
re
continue
check and fix

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - Startup: BoontyBox 01net.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Synchronisation Wanadoo.lnk = ?
=============
you will have understood that part of your troubles comes from the games

uninstall the 'Boonty' program
===============
clean up with
- Ccleaner: (cleaner for registry, cookies + temp + temporary files + prefetch + history + etc.)
Download here:
https://www.ccleaner.com/ccleaner/download
Tutorial here:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
============
firewall??? which one do you have?

(A)- If you have no firewall other than the Windows 'toy' (to be disabled), I recommend Kerio (free even after the 30-day trial)
Tutorial and download here:
https://www.vulgarisation-informatique.com/kerio.php
(B)- Golden rule to follow: only 1 firewall, only 1 antivirus
hsshaman Posts 30 Registration date Monday 8 May 2006 Status Member Last activity 14 July 2009
10 June 2006 at 18:45
Hello!

Thanks for your reply, I was waiting for an e-mail but it must have set off on foot...

Indeed, I only have the Windows firewall, and also a son who is crazy about games...
...and about unrestrained downloading.

I'm going to have fun doing what you gave me...

Thanks again and see you later, Hsshaman the simple, twisted mind
aranjuez31 Posts 8047 Registration date Monday 7 November 2005 Status Contributor Last activity 9 July 2006 354
10 June 2006 at 21:00
hello
it's far from over

Please proceed in order,
Download ALL these programs (if you don't have them), install them.
Update programs 1/, 2/, 3/
Scan with ALL of them, PASTE as requested the reports from 0/, 3/ & 6/

1/ - Ad-Aware (free):
Tutorial and download here:
https://forums.cnetfrance.fr

2/ - Spybot (free):
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

3/ - Ewido (download) - free even after the 14-day trial
http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
Copy/PASTE the generated report on this forum
For some Windows versions earlier than XP, Ewido may not be compatible
In that case, you will need to use a-squared free and request a key for its free use
https://www.emsisoft.com/fr/

4/ - Ccleaner: (cleaner for registry, cookies + temp + temporary files + prefetch + history + etc.)
Download here:
https://www.ccleaner.com/ccleaner/download
Tutorial here:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

6/ - Online scan with BitDefender (works only under Internet Explorer, accepting the ActiveX)
https://assiste.com/404_La_page_demandee_n_existe_pas.php
http://www.bitdefender.fr/scan8/ie.html
Copy/PASTE the entire report
======
post a hijack log again after the requested reports

good luck

hsshaman Posts 30 Registration date Monday 8 May 2006 Status Member Last activity 14 July 2009
29 August 2006 at 23:47
"Download ALL these programs (if you don't have them), install them.
Update programs 1/, 2/, 3/
Scan with ALL of them, PASTE as requested the reports from 0/, 3/ & 6/ "


Hello,

I carried out all the steps listed, but I don't understand the report numbers you asked me for: 0, 3 and 6, what do they correspond to? Also, it would be more digestible if I didn't have to post the Spybot report, which is about 80 pages in Word...

thanks for your help and see you very soon

Regards, Hsshaman with red eyes...
hsshaman Posts 30 Registration date Monday 8 May 2006 Status Member Last activity 14 July 2009
24 Sept. 2006 at 23:33
Hello,
sorry to insist, but since you haven't replied to me since this summer, I'm starting to worry a little, especially as we can no longer access the Control Panel and we are no longer "administrator" of the PC; I don't want to do any shopping or account management over the internet, and that is quite a handicap...

...and I also hope you're doing well!?!

Regards

Hsshaman


"Download ALL these programs (if you don't have them), install them.
Update programs 1/, 2/, 3/
Scan with ALL of them, PASTE as requested the reports from 0/, 3/ & 6/ "


Hello,

I carried out all the steps listed, but I don't understand the report numbers you asked me for: 0, 3 and 6, what do they correspond to? Also, it would be more digestible if I didn't have to post the Spybot report, which is about 80 pages in Word...

thanks for your help and see you very soon

Regards, Hsshaman
hsshaman Posts 30 Registration date Monday 8 May 2006 Status Member Last activity 14 July 2009
31 August 2007 at 18:00
I just noticed that this discussion was never closed: in the end, since Aranjuez31 was away, I backed up the PC's data and formatted the hard drive!
The problem is gone!

Thanks for the help, even if it didn't go all the way.

hsshaman