[Trojan] infexté avec Trojan.zlob.gen
Résolu/Fermé
Max#01
Messages postés
392
Date d'inscription
dimanche 24 septembre 2006
Statut
Membre
Dernière intervention
7 août 2009
-
24 sept. 2006 à 20:21
Max#01 Messages postés 392 Date d'inscription dimanche 24 septembre 2006 Statut Membre Dernière intervention 7 août 2009 - 5 mai 2008 à 19:47
Max#01 Messages postés 392 Date d'inscription dimanche 24 septembre 2006 Statut Membre Dernière intervention 7 août 2009 - 5 mai 2008 à 19:47
A voir également:
- [Trojan] infexté avec Trojan.zlob.gen
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Win32 trojan gen - Forum Virus / Sécurité
- Windows defender avertissement de sécurité trojan spyware - Forum Windows 10
- Trojan agent ✓ - Forum Virus / Sécurité
- Trojan wacatac ✓ - Forum Virus / Sécurité
13 réponses
boulepate62
Messages postés
22970
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 575
24 sept. 2006 à 21:57
24 sept. 2006 à 21:57
Salut,
fait ça pour verifier
Télécharge HijackThis:
Téléchargement de HijackThis
Installe le dans son propre dossier:
-clic droit sur le bureau, choisis "nouveau dossier" puis installe le dedans.
Lance le, clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici stp
fait ça pour verifier
Télécharge HijackThis:
Téléchargement de HijackThis
Installe le dans son propre dossier:
-clic droit sur le bureau, choisis "nouveau dossier" puis installe le dedans.
Lance le, clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici stp
Max#01
Messages postés
392
Date d'inscription
dimanche 24 septembre 2006
Statut
Membre
Dernière intervention
7 août 2009
76
25 sept. 2006 à 18:22
25 sept. 2006 à 18:22
merci de m'avoir repondu
j'avais deja hijackthis et j'ai aussi ad-aware, spybot, ccleaner, clean up et bit defender en anti virus mais je pense que je vais prendre avast
tu peux me dire le quel est le mieu stp :)
bon voila mon scan:
Logfile of HijackThis v1.99.1
Scan saved at 18:17:05, on 25/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Thibault\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\MESPRO~1\Spybot\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0E91218-41B3-48D7-A923-DFF6D3A7170E}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bw+0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Si t'arrive a faire qqe chose ac tout sa merci d'avance
j'avais deja hijackthis et j'ai aussi ad-aware, spybot, ccleaner, clean up et bit defender en anti virus mais je pense que je vais prendre avast
tu peux me dire le quel est le mieu stp :)
bon voila mon scan:
Logfile of HijackThis v1.99.1
Scan saved at 18:17:05, on 25/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Thibault\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\MESPRO~1\Spybot\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0E91218-41B3-48D7-A923-DFF6D3A7170E}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bw+0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Si t'arrive a faire qqe chose ac tout sa merci d'avance
boulepate62
Messages postés
22970
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 575
25 sept. 2006 à 19:05
25 sept. 2006 à 19:05
Salut,
si tu as acheté ta version Bitdefender 9 garde lan ,e mets pas Avast
Clic sur demarrer, rechercher et supprime ce fichier:
smss.exe < ne supprime pas celui présent dans /system32/
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
+ toutes les O18
Désactive le pare-feu de Windows(SP2) et installe celui-la pour plus de sécurité
Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
Kerio Personal Firewall
-tutorial: pour configurer et comprendre l'utilisation de Kerio
https://kerio.probb.fr/
Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici avec un nouveau rapport hijackthis
Ewido: (reste gratuit après la période d'essai)
Télécharger Ewido Security Suite
A++
si tu as acheté ta version Bitdefender 9 garde lan ,e mets pas Avast
Clic sur demarrer, rechercher et supprime ce fichier:
smss.exe < ne supprime pas celui présent dans /system32/
- Si un fichier persiste lors de la suppression fais ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
+ toutes les O18
Désactive le pare-feu de Windows(SP2) et installe celui-la pour plus de sécurité
Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
Kerio Personal Firewall
-tutorial: pour configurer et comprendre l'utilisation de Kerio
https://kerio.probb.fr/
Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici avec un nouveau rapport hijackthis
Ewido: (reste gratuit après la période d'essai)
Télécharger Ewido Security Suite
A++
Max#01
Messages postés
392
Date d'inscription
dimanche 24 septembre 2006
Statut
Membre
Dernière intervention
7 août 2009
76
25 sept. 2006 à 20:32
25 sept. 2006 à 20:32
a propos du fichier smss.exe , jen ai trouvé 4 donc je ne sais pas lequel supprimer :(
j'ai fais des recherches de virus tt a l'heure et résultat : 0 fichiers infecté, 0 virus detecté...
je fais une analyse ad-aware : il ne bloque pas comme il le fais d'habitude et me trouve 4 objets critique: je les supp.
Je fais ensuite spybot et il ne trouva pas de mouchards.
Sa me sembleun peu bizare comme si c'etait le calme avant la tempete :s
Je vais voir pour ce que tu m'as dis merci quand meme ;)
PS: a l'heure où je te parles, bitdefender vient de trouver un malwer >:/ plus precisement: Generic.Maware.SMYV.2D0FC6F7
voila :) @+ et merci encore
j'ai fais des recherches de virus tt a l'heure et résultat : 0 fichiers infecté, 0 virus detecté...
je fais une analyse ad-aware : il ne bloque pas comme il le fais d'habitude et me trouve 4 objets critique: je les supp.
Je fais ensuite spybot et il ne trouva pas de mouchards.
Sa me sembleun peu bizare comme si c'etait le calme avant la tempete :s
Je vais voir pour ce que tu m'as dis merci quand meme ;)
PS: a l'heure où je te parles, bitdefender vient de trouver un malwer >:/ plus precisement: Generic.Maware.SMYV.2D0FC6F7
voila :) @+ et merci encore
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Max#01
Messages postés
392
Date d'inscription
dimanche 24 septembre 2006
Statut
Membre
Dernière intervention
7 août 2009
76
25 sept. 2006 à 21:28
25 sept. 2006 à 21:28
apres voir telechargé ewido et avoir fais un scan et suppr qqe objets, j'ai fais le scan de hijackthis comme demandé et voila le résultat:
Logfile of HijackThis v1.99.1
Scan saved at 21:25:42, on 25/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Thibault\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\MESPRO~1\Spybot\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0E91218-41B3-48D7-A923-DFF6D3A7170E}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: offline-8876480 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
merci déjà @+
Logfile of HijackThis v1.99.1
Scan saved at 21:25:42, on 25/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Thibault\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\MESPRO~1\Spybot\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0E91218-41B3-48D7-A923-DFF6D3A7170E}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: offline-8876480 - {78F6E2C8-2B04-4302-ACAC-66A5209833AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
merci déjà @+
boulepate62
Messages postés
22970
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 575
25 sept. 2006 à 22:11
25 sept. 2006 à 22:11
Tu as un pare-feu avec ton Bitdefender 9 ?
Pour ce qui est de smss.exe donne moi les enpacements exacte stp
Bitdefender il le trouve ou ton malware ?
Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
_Online Scanner
_Kaspersky Online Scanner
_My Computer
https://www.kaspersky.fr/downloads
Pour ce qui est de smss.exe donne moi les enpacements exacte stp
Bitdefender il le trouve ou ton malware ?
Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
_Online Scanner
_Kaspersky Online Scanner
_My Computer
https://www.kaspersky.fr/downloads
Max#01
Messages postés
392
Date d'inscription
dimanche 24 septembre 2006
Statut
Membre
Dernière intervention
7 août 2009
76
26 sept. 2006 à 19:01
26 sept. 2006 à 19:01
faut-il que j'installe un logiciel pour que sa scan mon ordi ??
on me demande d'installer Kaspersky... rep vite stp :) merci
on me demande d'installer Kaspersky... rep vite stp :) merci
Max#01
Messages postés
392
Date d'inscription
dimanche 24 septembre 2006
Statut
Membre
Dernière intervention
7 août 2009
76
26 sept. 2006 à 19:45
26 sept. 2006 à 19:45
Oui j'ai un firewall sur bitdefender, les generic.malware se trouvent le plus souvent dans les fichiers du type
15exmodul32.d.exe (celui en fait parti) present dans document and settings/le nom/local settings/temp/...
je ne vais pas suppr le fichier smss car j'ai lu sur le forum qu'il ne fallait en aucun cas le suppr et un ami me l'a confirmé.
je transmet aussi le scan de kaspersky:
Tuesday, September 26, 2006 7:40:19 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 26/09/2006
Kaspersky Anti-Virus database records: 213441
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 30677
Number of viruses found 1
Number of infected objects 3 / 0
Number of suspicious objects 0
Duration of the scan process 00:24:56
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Thibault\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\history.dat Object is locked skipped
C:\Documents and Settings\Thibault\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\parent.lock Object is locked skipped
C:\Documents and Settings\Thibault\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Temp\24exssd32.6.exe Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Temp\32exmodul32d.5.exe Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Temp\35exmodul32d.5.exe Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Temp\tmp1.tmp Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\Documents and Settings\Thibault\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Thibault\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Thibault\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\BWDocMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\BWInfopakMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\chandir.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\chandir.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\chn.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\chn.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\L0000003.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\storydb.idx Object is locked skipped
C:\Program Files\Softwin\BitDefender9\asdict.dat Object is locked skipped
C:\Program Files\Softwin\BitDefender9\aspdict.dat Object is locked skipped
C:\Program Files\Softwin\BitDefender9\Quarantine\15exmodul32d.5.exe Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{6D320A76-524B-455A-AA8E-7EC34F6DDCDD}\RP52\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{B640F0A7-7C4B-4122-A8F4-F120AEBEC8B0}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system\smss.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\nvsvcd.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\tmp00007f9e\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{6D320A76-524B-455A-AA8E-7EC34F6DDCDD}\RP52\change.log Object is locked skipped
15exmodul32.d.exe (celui en fait parti) present dans document and settings/le nom/local settings/temp/...
je ne vais pas suppr le fichier smss car j'ai lu sur le forum qu'il ne fallait en aucun cas le suppr et un ami me l'a confirmé.
je transmet aussi le scan de kaspersky:
Tuesday, September 26, 2006 7:40:19 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 26/09/2006
Kaspersky Anti-Virus database records: 213441
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 30677
Number of viruses found 1
Number of infected objects 3 / 0
Number of suspicious objects 0
Duration of the scan process 00:24:56
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Thibault\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\history.dat Object is locked skipped
C:\Documents and Settings\Thibault\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\parent.lock Object is locked skipped
C:\Documents and Settings\Thibault\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Application Data\Mozilla\Firefox\Profiles\pgtv7sng.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Temp\24exssd32.6.exe Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Temp\32exmodul32d.5.exe Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Temp\35exmodul32d.5.exe Object is locked skipped
C:\Documents and Settings\Thibault\Local Settings\Temp\tmp1.tmp Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\Documents and Settings\Thibault\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Thibault\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Thibault\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\BWDocMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\BWInfopakMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\chandir.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\chandir.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\chn.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\chn.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\L0000003.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Thibault\Data\storydb.idx Object is locked skipped
C:\Program Files\Softwin\BitDefender9\asdict.dat Object is locked skipped
C:\Program Files\Softwin\BitDefender9\aspdict.dat Object is locked skipped
C:\Program Files\Softwin\BitDefender9\Quarantine\15exmodul32d.5.exe Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{6D320A76-524B-455A-AA8E-7EC34F6DDCDD}\RP52\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{B640F0A7-7C4B-4122-A8F4-F120AEBEC8B0}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system\smss.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\nvsvcd.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\tmp00007f9e\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{6D320A76-524B-455A-AA8E-7EC34F6DDCDD}\RP52\change.log Object is locked skipped
Max#01
Messages postés
392
Date d'inscription
dimanche 24 septembre 2006
Statut
Membre
Dernière intervention
7 août 2009
76
26 sept. 2006 à 19:49
26 sept. 2006 à 19:49
petit pb :s
je n'arrive pas a suppr. les virus que kaspersky a trouvé :'(
merci de me repondre le plus rapidement possible
merci
je n'arrive pas a suppr. les virus que kaspersky a trouvé :'(
merci de me repondre le plus rapidement possible
merci
boulepate62
Messages postés
22970
Date d'inscription
mardi 14 mars 2006
Statut
Contributeur sécurité
Dernière intervention
24 décembre 2016
2 575
26 sept. 2006 à 20:07
26 sept. 2006 à 20:07
ok, donc rédémarre ton Pc en mode sans echec* puis fais ce nettoyage
Alors ceci; C:\System Volume Information\_restore indique que ta restauration du systeme etait infecté ou est infecté, pour être sûr, nous allons créer un point propre.
Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"
¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
¤ decoches la case et clic sur "appliquer" puis "ok".
Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:
Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.
*Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu..
Alors ceci; C:\System Volume Information\_restore indique que ta restauration du systeme etait infecté ou est infecté, pour être sûr, nous allons créer un point propre.
Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"
¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
¤ decoches la case et clic sur "appliquer" puis "ok".
Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:
Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.
*Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu..
bonjour a tous, depuis peu j ai le trojan zlob sur mon ordi, mes anti virus (pc tools, avast et windows defender) ne parviennent pas a le supprimer et a chaque fois que j allume mon pc mes anti virus me detectent des infections que je suppriment, mais dès que je rallume mon ordi, ça recommence, QUE FAIRE MERCI
bonjour a tous, depuis peu j ai le trojan zlob sur mon ordi, mes anti virus (pc tools, avast et windows defender) ne parviennent pas a le supprimer et a chaque fois que j allume mon pc mes anti virus me detectent des infections que je suppriment, mais dès que je rallume mon ordi, ça recommence, QUE FAIRE MERCI
Max#01
Messages postés
392
Date d'inscription
dimanche 24 septembre 2006
Statut
Membre
Dernière intervention
7 août 2009
76
5 mai 2008 à 19:47
5 mai 2008 à 19:47
bonjour
créés un nouvel article sinon personne ne va lire celui ci, il est mis en temps que résolu...
Merci :)
créés un nouvel article sinon personne ne va lire celui ci, il est mis en temps que résolu...
Merci :)