Infection trojan , rapports

Résolu
julien -  
 Utilisateur anonyme -
Bonjour, je suis egalement infecté et voici les rapports hijackthis et ewido. faut-il egalement le rapport bidefender ?

1 -- hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 02:09:16, on 19/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\DOCUME~1\JJ\LOCALS~1\Temp\~e5d141.tmp
C:\Documents and Settings\JJ\Application Data\??crosoft\dvdplay.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {062A45B5-7379-4CA3-B2DE-2B07C605C6D5} - C:\WINDOWS\system32\wmvcpre2.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O4 - HKLM\..\Run: [D066UUtility] C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DXM6Patch_9904] C:\WINDOWS\p_9904.exe /Q:A
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Cccs] "C:\WINDOWS\system32\PPPATC~1\tracert.exe" -vt yazb
O4 - HKCU\..\Run: [Dfdw] C:\Documents and Settings\JJ\Application Data\??crosoft\dvdplay.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.fuj...
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/03ab81933e27e2c31521/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate- Activex Control) - https://www.songtexte.de
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/i...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game13.zylom.servicesalacarte.wanadoo.fr/activex/zylomloader.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4539/mcfs...
O18 - Protocol: bw+0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winhdn32 - C:\WINDOWS\SYSTEM32\winhdn32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

2 -- EWIDO :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 05:09:01 19/08/2006

+ Scan result:

C:\Program Files\Fichiers communs\Sandlot Shared\slghex.dll -> Adware.SpywareStorm : Cleaned with backup (quarantined).
C:\WINDOWS\system32\__delete_on_reboot__w_m_v_c_p_r_e_2_._d_l_l_ -> Adware.Stud : Cleaned with backup (quarantined).
[412] C:\WINDOWS\system32\wmvcpre2.dll -> Adware.Stud : Error during cleaning.
C:\Program Files\ToolBar888 -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888\Activate.exe -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888\Uninst.exe -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888\__delete_on_reboot__M_y_T_o_o_l_B_a_r_._d_l_l_ -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Documents and Settings\JJ\Local Settings\Temporary Internet Files\Content.IE5\VDI6IBQY\anti4[1].exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\Documents and Settings\JJ\Local Settings\Temp\gel90xne.sys -> Backdoor.Genlot.DX : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win3C.tmp.exe -> Downloader.Obfuscated.a : Cleaned with backup (quarantined).
C:\Documents and Settings\JJ\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-4b4e04ec-2578e168.class -> Downloader.OpenStream.y : Cleaned with backup (quarantined).
C:\Program Files\Fichiers communs\Y1123OA.exe -> Downloader.PurityScan.cq : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\OA.exe -> Downloader.PurityScan.cq : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\mshtml3.exe -> Downloader.PurityScan.cq : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ΑppPatch\__delete_on_reboot__t_r_a_c_e_r_t_._e_x_e_ -> Downloader.PurityScan.cq : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win43.tmp.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\JJ\Local Settings\Temporary Internet Files\Content.IE5\EPGBM9M5\l11[1].exe -> Downloader.Zlob.afg : Cleaned with backup (quarantined).
C:\Documents and Settings\JJ\Local Settings\Temporary Internet Files\Content.IE5\EPGBM9M5\srvkeq[1].exe -> Dropper.Small.art : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\__delete_on_reboot__w_i_n_1_0_C_._t_m_p_._e_x_e_ -> Dropper.Small.art : Cleaned with backup (quarantined).
C:\Documents and Settings\JJ\Local Settings\Temporary Internet Files\Content.IE5\MJERIPEV\wbk46.tmp -> Logger.Bankfraud.pd : Cleaned with backup (quarantined).
C:\Documents and Settings\JJ\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-7e09d0a6-64b5dce1.zip/NewSecurityClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\JJ\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-7e09d0a6-64b5dce1.zip/NewURLClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\WINDOWS\Temp\__delete_on_reboot__i_d_d_4_C_._t_m_p_._e_x_e_ -> Trojan.Dialer.qy : Cleaned with backup (quarantined).
C:\Documents and Settings\JJ\Local Settings\Temporary Internet Files\Content.IE5\89SBCVEF\srvkww[1].exe -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\Documents and Settings\JJ\Local Settings\Temporary Internet Files\Content.IE5\QHK6UMKY\srvcyz[1].exe -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win49.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\winFB.tmp -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\WINDOWS\system32\drivers\etc\hosts -> Trojan.Qhost.r : Cleaned with backup (quarantined).
C:\WINDOWS\system32\drivers\etc\hosts.msn -> Trojan.Qhost.r : Cleaned with backup (quarantined).

::Report end

15 réponses

  1. Utilisateur anonyme
     
    Salut,
    petit nettoyage on enléve quleques programmes du demarrage! pour que ton PC retrouve un peu de vitalité!

    Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: (no name) - {062A45B5-7379-4CA3-B2DE-2B07C605C6D5} - C:\WINDOWS\system32\wmvcpre2.dll (file missing)
    O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
    O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Cccs] "C:\WINDOWS\system32\PPPATC~1\tracert.exe" -vt yazb
    O4 - HKCU\..\Run: [Dfdw] C:\Documents and Settings\JJ\Application Data\??crosoft\dvdplay.exe
    O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.fuj...
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/03ab81933e27e2c31521/netzip/RdxIE601_fr.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
    O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate- Activex Control) - https://www.songtexte.de
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/i...
    O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game13.zylom.servicesalacarte.wanadoo.fr/activex/zylomloader.cab
    O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4539/mcfs...
    O18 - Protocol: bw+0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {7069C8A8-009C-4AFF-91FC-F4ABCD339FC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: winhdn32 - C:\WINDOWS\SYSTEM32\winhdn32.dll

    Applique ça:

    Fais ce nettoyage: (à faire réguliérement)

    ¤Telecharges et installes ceci:
    CCleaner:
    Ccleaner

    dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
    Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

    ¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"

    Puis après seulement:

    Télécharge VirtumundoBegone sur le bureau:
    http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

    Double clique ensuite sur VirtumundoBeGone.exe et suis les instructions.
    Une fois terminé, redémarre et poste le rapport VBG.TXT créé sur le bureau dans ta prochaine réponse avec un nouveau rapport HijackThis.
    Ne t'inquiète pas si tu vois un message Ecran bleu "Erreur fatale", c'est normal et attendu.

    dès qu'il aura redemarré poste un nouveau rapport hijackthis avec le rappor tBidefender si tu l'as encore ;-)

    A+++
    0
    1. julius
       
      oui j'ai conservé le rapport bitdefender :
      BitDefender Online Scanner - Real Time Virus Report



      Generated at: Sat, Aug 19, 2006 - 10:33:58


      --------------------------------------------------------------------------------





      Scan Info



      Scanned Files
      703511

      Infected Files
      47








      Virus Detected



      Trojan.Downloader.Agent.XXX
      3

      Trojan.Starter.V
      2

      Exploit.Win32.WMF-PFV
      3

      Trojan.Java.Classloader.D
      1

      Trojan.Exploit.Js.Cve.2005.1790.J
      1

      Java.Trojan.Exploit.Bytverify
      1

      Trojan.Downloader.IstBar.RB
      1

      Trojan.Java.Classloader.G
      1

      Java.Trojan.Downloader.OpenStream.C
      1

      Trojan.Java.Classloader.H
      1

      Trojan.Exploit.Java.Bytverify
      1

      Trojan.Downloader.Small.ON
      2

      Exploit.IECrashJS2.Gen
      8

      Trojan.Java.ClassLoader.C
      3

      Trojan.Java.Byteverify.Exploit.C
      1

      Trojan.Java.ClassLoader.D
      2

      Trojan.Downloader.Purityscan.CQ
      3

      Trojan.Exploit.Byteverify.G
      1

      Trojan.Downloader.Java.Openstream.Y
      1

      Trojan.PornDialer.K
      6

      Win32.Bagle.EE@mm
      1

      Trojan.Downloader.Java.Openconnection.AJ
      1

      Trojan.Downloader.Zlob.TZ
      2



      allez je file au travail, je ferai le nettoyage que tu me conseilles ce soir :)
      0
  2. julius72 Messages postés 4 Date d'inscription   Statut Membre
     
    Voici, j'ai, suivi tes etapes une à une, voici le rapport hijackthis au final ainsi que le VBG.

    1 -- Hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 11:08:34, on 19/08/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: (no name) - {062A45B5-7379-4CA3-B2DE-2B07C605C6D5} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [D066UUtility] C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
    O4 - HKLM\..\Run: [DXM6Patch_9904] C:\WINDOWS\p_9904.exe /Q:A
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: winhdn32 - C:\WINDOWS\SYSTEM32\winhdn32.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

    2 -- le VBG

    [08/19/2006, 11:01:38] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\JJ\Bureau\VirtumundoBeGone.exe" )
    [08/19/2006, 11:01:53] - Detected System Information:
    [08/19/2006, 11:01:53] - Windows Version: 5.1.2600, Service Pack 2
    [08/19/2006, 11:01:53] - Current Username: JJ (Admin)
    [08/19/2006, 11:01:53] - Windows is in NORMAL mode.
    [08/19/2006, 11:01:53] - Searching for Browser Helper Objects:
    [08/19/2006, 11:01:53] - BHO 1: {062A45B5-7379-4CA3-B2DE-2B07C605C6D5} ()
    [08/19/2006, 11:01:53] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [08/19/2006, 11:01:53] - No filename found. Continuing.
    [08/19/2006, 11:01:53] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
    [08/19/2006, 11:01:53] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    [08/19/2006, 11:01:53] - BHO 4: {BDF3E430-B101-42AD-A544-FADC6B084872} (CNavExtBho Class)
    [08/19/2006, 11:01:53] - Finished Searching Browser Helper Objects
    [08/19/2006, 11:01:53] - Finishing up...
    [08/19/2006, 11:01:53] - Nothing found! Exiting...

    Par contre je n'ai pas eu d'ecran bleu et j'ai tjrs Ewido qui me repvient sans arret que j'ai tel et tel Malware et Norton m'a dit au redemarrage que j'avais tjrs les trojan Downloader, Nebuler...

    A+++
    0
    1. Utilisateur anonyme
       
      bonsoir,

      Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

      O2 - BHO: (no name) - {062A45B5-7379-4CA3-B2DE-2B07C605C6D5} - (no file)
      O20 - Winlogon Notify: winhdn32 - C:\WINDOWS\SYSTEM32\winhdn32.dll
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe


      Clic sur demarrer, executer, tape: services.msc cherche et regle cette ligne sur "desactivé"

      France Telecom Routing Table Service (inutile)



      Telecharges Killbox:
      https://www.generation-nt.com/killbox-telechargement-25430.html

      Doubles clique sur killbox.exe (Pocket Killbox)

      - coches: delete on reboot
      dans la barre vide entre ceci: (exactement)

      C:\WINDOWS\SYSTEM32\winhdn32.dll

      - cliques sur la croix rouge
      - une fenetre va apparaitre pour confirmation cliques sur YES
      - une seconde fenetre te demande si tu veux redemarrer cliques sur YES


      Une fois qu'il aura redemarrer, scan ton PC avec ces logiciels là si tu ne les as pas:

      SpyBot-Search & Destroy: (gratuit)
      Spybot Search & Destroy

      A² free: (gratuit)
      A² Squared

      Ad-Aware SE Personal: (en anglais, gratuit))
      Ad-aware
      -Le patch pour le faire fonctionner Ad-Aware SE en français: Patch français pour Ad-aware


      Refais un scan chez bitdefender et recolle nous le rapport en entier s'il te plait avec un nouveau rapport hijackthis

      A++
      0
  3. julien
     
    qqun peut m'aider ? norton detecte tjrs nebuler et ewido continue aussi de detecter plusieurs malwares ?
    0
  4. julien
     
    Bonsoir boulepate62,
    j'ai bien suivi à la lettre tes conseils et voici le rapport bitdefender puis hijackthis :

    BITDEFENDER

    BitDefender Online Scanner - Rapport virus en temps réel

    Généré à: Tue, Aug 22, 2006 - 01:21:52

    --------------------------------------------------------------------------------

    Info d'analyse

    Fichiers scannés
    660758

    Infectés Fichiers
    5

    Virus Détectés

    Trojan.Java.Classloader.D
    1

    Trojan.Java.Classloader.G
    1

    Java.Trojan.Downloader.OpenStream.C
    1

    Trojan.Java.Classloader.H
    1

    Trojan.Downloader.Agent.ADE
    1

    --------------------------------------------------------------------------------

    Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.

    HIJACKTHIS

    Logfile of HijackThis v1.99.1
    Scan saved at 01:28:29, on 22/08/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\PROGRA~1\INVISI~1\invtray.exe
    C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\DOCUME~1\JJ\LOCALS~1\Temp\~e5d141.tmp
    C:\DOCUME~1\JJ\LOCALS~1\Temp\~e5d141.tmp
    C:\DOCUME~1\JJ\LOCALS~1\Temp\~e5d141.tmp
    C:\DOCUME~1\JJ\LOCALS~1\Temp\~e5d141.tmp
    C:\DOCUME~1\JJ\LOCALS~1\Temp\~e5d141.tmp
    C:\Program Files\a-squared Anti-Malware\a2scan.exe
    C:\DOCUME~1\JJ\LOCALS~1\Temp\~e5d141.tmp
    C:\Program Files\WETTER 2004 V2.0\Wett2k4.exe
    C:\Documents and Settings\JJ\Mes documents\julien.jovelin\FS2004\AISmooth.exe
    C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe
    C:\DOCUME~1\JJ\LOCALS~1\Temp\~e5d141.tmp
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [D066UUtility] C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
    O4 - HKLM\..\Run: [DXM6Patch_9904] C:\WINDOWS\p_9904.exe /Q:A
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\RunOnce: [ICLaunch000] C:\DOCUME~1\JJ\LOCALS~1\Temp\_inst1.exe /B1 /DEL
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Invisible Secrets 4] C:\PROGRA~1\INVISI~1\invtray.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: winhdn32 - winhdn32.dll (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

    Cordialement,
    Julien :-)
    0
    1. Utilisateur anonyme
       
      Salut Julien!

      Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

      O4 - HKLM\..\RunOnce: [ICLaunch000] C:\DOCUME~1\JJ\LOCALS~1\Temp\_inst1.exe /B1 /DEL
      O20 - Winlogon Notify: winhdn32 - winhdn32.dll (file missing)
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe


      Clic sur demarrer, executer, tape: services.msc cherche dans la liste cette ligne et regle la sur "desactivé"

      France Telecom Routing Table Service (inutile)



      Fais ce nettoyage: (à faire réguliérement)

      ¤Telecharges et installes ceci:
      CCleaner:
      Ccleaner

      dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
      Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

      ¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"



      le rapport Bitdefender est incomplet dommage! par précaution pour qu'il est plus de virus (esperons) fait ça

      nous allons créer un point proprede restauration.

      Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"

      ¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
      ¤ decoches la case et clic sur "appliquer" puis "ok".

      Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

      Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
      Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.



      Puis fais encore ça stp on devrait bientot voir le bout du tunnel!

      Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
      Une fois qu'il a terminé colle le rapport ici stp

      _Online Scanner
      _Kaspersky Online Scanner
      _My Computer

      https://www.kaspersky.fr/downloads


      A ++ tard!
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. julien
     
    rapport bitdefender incomplet ??? comment ca ?
    0
    1. Utilisateur anonyme
       
      On ne voit pas ou se cachent les fichiers détectés par Bitdefender
      On ne voit pas non plus s'il ont été supprimés.

      Ce n'est peut etre pas volontaire de ta part ;-)
      0
  7. julien
     
    concernant la manip avec services.msc, je trouve la ligne en question mais je ne vois "desactivé" nulle part, juste arreter ou redemarrer le service dans une colone sur la gacuhe. Par contre, quand je me ets sur la ligne et que je fais propriétés, onglet general, jai type de demarrage avec un menu deroulant (automatique, manuel, desactivé). est ce là l'option Désactivée dont tu parles ?

    Julien
    0
    1. Utilisateur anonyme
       
      Oui c'est bien ça :-)
      0
  8. julien
     
    ah oui zut (concernant bitdefender) jaurai du faire un copier-coller de la fenetre ou on voit la progression de l'analyse, effectivement on y voit chaque localisation de fichier infecté, zut de zut
    0
    1. Utilisateur anonyme
       
      pas grave, choisis de faire le scan avec Kaspersky on y verra bien plus clair ;-)
      0
  9. julien
     
    oui je suis en train :-)
    par contre je n'ai pas vu My Computer

    bref ca scanne
    0
    1. Utilisateur anonyme
       
      bon..j'pense qu'il a pas finit le scan..on verra ça tout à lheure ;-)
      0
  10. julien
     
    hello boulepate

    voici le rapport kaspersky :)

    KASPERSKY ONLINE SCANNER REPORT
    Tuesday, August 22, 2006 10:58:58 PM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.83.0
    Kaspersky Anti-Virus database last update: 22/08/2006
    Kaspersky Anti-Virus database records: 204519

    Scan Settings
    Scan using the following antivirus database standard
    Scan Archives true
    Scan Mail Bases true

    Scan Target My Computer
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\

    Scan Statistics
    Total number of scanned objects 111876
    Number of viruses found 4
    Number of infected objects 6 / 0
    Number of suspicious objects 0
    Duration of the scan process 01:21:08

    Infected Object Name Virus Name Last Action
    C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped

    C:\Documents and Settings\JJ\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\JJ\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\JJ\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\JJ\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\JJ\Local Settings\Historique\History.IE5\MSHist012006082220060823\index.dat Object is locked skipped

    C:\Documents and Settings\JJ\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\JJ\ntuser.dat Object is locked skipped

    C:\Documents and Settings\JJ\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\BWDocMap.pht Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\BWInfopakMap.pht Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\chandir.dat Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\chandir.idx Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\chn.dat Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\chn.idx Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\D0000000.FCS Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\inuse.txt Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\L0000023.FCS Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\main.log Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs.dat Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs.idx Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs_die.dat Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs_die.idx Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs_dnd.dat Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs_dnd.idx Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs_ext.dat Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs_ext.idx Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs_rcv.dat Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\prs_rcv.idx Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\storydb.dat Object is locked skipped

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JJ\Data\storydb.idx Object is locked skipped

    C:\Program Files\Norton AntiVirus\AVApp.log Object is locked skipped

    C:\Program Files\Norton AntiVirus\AVError.log Object is locked skipped

    C:\Program Files\Norton AntiVirus\AVVirus.log Object is locked skipped

    C:\Program Files\Norton AntiVirus\Quarantine\10475123 Infected: Trojan.Win32.Agent.vg skipped

    C:\Program Files\Norton AntiVirus\Quarantine\66BA5C55.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped

    C:\Program Files\Norton AntiVirus\Quarantine\66BA5C55.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped

    C:\Program Files\Norton AntiVirus\Quarantine\66BA5C55.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped

    C:\Program Files\Norton AntiVirus\Quarantine\66BA5C55.zip ZIP: infected - 3 skipped

    C:\Program Files\Norton AntiVirus\Quarantine\66BA5C55.zip CryptFF: infected - 3 skipped

    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    C:\System Volume Information\_restore{83898E23-A1CF-4786-96B8-DA5C92C85823}\RP626\change.log Object is locked skipped

    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

    C:\WINDOWS\SchedLgU.Txt Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\EventCache\{67B79DE6-66BC-4E4A-B347-46E22E8A2F3A}.bin Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

    C:\WINDOWS\Sti_Trace.log Object is locked skipped

    C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\default Object is locked skipped

    C:\WINDOWS\system32\config\default.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SAM Object is locked skipped

    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

    C:\WINDOWS\system32\config\software Object is locked skipped

    C:\WINDOWS\system32\config\software.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\system Object is locked skipped

    C:\WINDOWS\system32\config\system.LOG Object is locked skipped

    C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

    C:\WINDOWS\system32\drivers\sptd4045.sys Object is locked skipped

    C:\WINDOWS\system32\h323log.txt Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

    C:\WINDOWS\wiadebug.log Object is locked skipped

    C:\WINDOWS\wiaservc.log Object is locked skipped

    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.
    0
    1. Utilisateur anonyme
       
      Salut Julien

      supprimes tout ce que Norton t'as mit en quarantaine et ça me semblera ok. :-)

      Ou en est ton probléme ?

      n'hesite pas à remettre un rapport hijackthis

      A++
      0
  11. julien
     
    re boulepate

    heu question a deux balles, comment on vire les trucs mis en quarantaine de norton... :-( ?

    julien
    0
    1. Utilisateur anonyme
       
      dans le bas à droite tu dois avoir une icone signalant la precense de Norton, clic dessus pour qu'il s'ouvre completement, tu devrais avoir une partie "quarantaine" clic dessus puis de la regarde ce qu'il y a en quarantaine puis supprime tout.

      Si tu ne trouves pas:
      Clic sur demarrer>poste de travail>C:>program files>Norton antivirus>(dossier) quarantaine entre dedans et supprime tout

      :-)
      0
  12. julien
     
    ayé je suis allé dans le repertoir quarantaine et jai degagé un fichier zip (qui etait apparu plusieurs fois dans des analyses je crois, sinon jai laissé les autres (un dossier incoming vide, un .dll, un dossier Portal vide et un ficher dont le nom est 7 chiffres.

    Et voila le dernier rapport hijackthis :

    Logfile of HijackThis v1.99.1
    Scan saved at 01:48:07, on 23/08/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\PROGRA~1\INVISI~1\invtray.exe
    C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe
    C:\DOCUME~1\JJ\LOCALS~1\Temp\~e5d141.tmp
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [D066UUtility] C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
    O4 - HKLM\..\Run: [DXM6Patch_9904] C:\WINDOWS\p_9904.exe /Q:A
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Invisible Secrets 4] C:\PROGRA~1\INVISI~1\invtray.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    0
    1. Utilisateur anonyme
       
      ça me semble correct et pour toi, encore des soucis ?
      0
  13. julius72 Messages postés 4 Date d'inscription   Statut Membre
     
    ca m'a l'air bon, j'ai plus eu d'alerte depuis deux jours.

    Quand j'aurai le temps, je m'attaquerai aux spams qui deferlent dans Outlook :)

    Merci pour tout en tout cas, je sais pas où j'ai chopé tout ca :-(
    0
    1. Utilisateur anonyme
       
      oki c'est un bon point alors, faut pas chercher à comprendre ça s'infiltre partout comme la poussiére :-)

      pour t'avancer voici un anti-spam gratuit en français
      https://www.jetelecharge.com/Internet/427.php

      A+++
      0
  14. morganxxx
     
    T es un fou Boulepate!!!!! comment tu fais pour t'y connaitre autant????
    0
  15. julius72 Messages postés 4 Date d'inscription   Statut Membre
     
    terriblement efficace c sur !!!!
    0
  16. Utilisateur anonyme
     
    bah j'ai rien de spécial lol un cerveau et des doigts pour vous répondre, tout comme vous, chacuns ces domaines de prélidection

    Merci quand même ça fait plaisir :-)

    PS: j'vais manger je re après si besoin ;-)

    A++
    0