Sujet Précédent Sujet Suivant

Infecté par spysheriff, pesttrap et zlob

Utilisateur anonyme -  
Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   -
Bonjour,

Depuis ce j'ai une icone dans la barre de demarrage qui clignote et m'indique "critical system error" et me renvoie sur un site antivirus commercial .

J'ai lancé un scan par PC Cillin qui n'indique rien mais spybot
me donne 3 infection :
- Spybot
- spy sheriff
- zlob.homepage monitor

Quelqu'un peut-il m'aider à me debarasser de ces cochonneries

Merci d'avance

8 réponses

Réponse 1 / 8
Utilisateur anonyme
 
J'ai fais une analyse avec hyjackthis . voici le resultat

Logfile of HijackThis v1.99.1
Scan saved at 13:11:48, on 30/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TrueCodec\isamonitor.exe
C:\Program Files\TrueCodec\pmsngr.exe
C:\Program Files\TrueCodec\pmmon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\TrueCodec\isamini.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\PROGRA~1\TRENDM~1\INTERN~2\PCCTLCOM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\TMPROXY.EXE
C:\PROGRA~1\TRENDM~1\INTERN~2\TMPFW.EXE
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\PROGRAM FILES\NETSCAPE\NETSCAPE BROWSER\NETSCAPE.EXE
C:\Documents and Settings\Christophe Maison\Bureau\nettoyage pc\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - C:\Program Files\TrueCodec\isaddon.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - C:\Program Files\TrueCodec\iesplugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /M "Stylus DX3800" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O18 - Protocol: bw+0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: clamoring - {0d9eb558-0666-479e-868a-21b1d1a53bd1} - C:\WINDOWS\system32\veklo.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
0
Réponse 2 / 8
Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
 
slt,

Télécharges smitfraudfix :

En image :
http://siri.urz.free.fr/Fix/SmitfraudFix.php

tu le décompresses tu doubles cliques sur smitfraudfix.cmd et tu choisi l option 1
cela vas générer un rapport.
Si tu vois des lignes avec PRESENT! Continue la manip qui suit.

Redémarres le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) et tu choisis le mode sans échec)

- Ouvre le dossier "SmitfraudFix" et double clic sur "Smitfraudfix.cmd", choisit l’option 2 et tu réponds oui à tout.

Copie/colle le rapport sur le forum stp.

Merci de rester sur ce topic et de ne pas en recréer d'avantage.

0
Réponse 3 / 8
Utilisateur anonyme
 
voici le resultat de smiitfraudfix

j'ai lancer l'analyse 2 dont voici le rapport :

SmitFraudFix v2.82

Rapport fait à 13:38:10,57, 30/10/2006
Executé à partir de C:\Documents and Settings\Christophe Maison\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{0d9eb558-0666-479e-868a-21b1d1a53bd1}"="clamoring"

[HKEY_CLASSES_ROOT\CLSID\{0d9eb558-0666-479e-868a-21b1d1a53bd1}\InProcServer32]
@="C:\WINDOWS\system32\veklo.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0d9eb558-0666-479e-868a-21b1d1a53bd1}\InProcServer32]
@="C:\WINDOWS\system32\veklo.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\Program Files\PestTrap\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{0d9eb558-0666-479e-868a-21b1d1a53bd1}"="clamoring"

[HKEY_CLASSES_ROOT\CLSID\{0d9eb558-0666-479e-868a-21b1d1a53bd1}\InProcServer32]
@="C:\WINDOWS\system32\veklo.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0d9eb558-0666-479e-868a-21b1d1a53bd1}\InProcServer32]
@="C:\WINDOWS\system32\veklo.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Fin

J'ai tjrs une icone qui clignote ?/x "critical system error"
0
Réponse 4 / 8
Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
 
redémarre en mode normal et remet un log Hiack STP

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
Utilisateur anonyme
 
ok, j'ai fais un scan hiack, et mon fond d'écran a disparu

voila le log

Logfile of HijackThis v1.99.1
Scan saved at 14:53:12, on 30/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\PROGRA~1\TRENDM~1\INTERN~2\PCCTLCOM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\TMPFW.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TrueCodec\isamonitor.exe
C:\Program Files\TrueCodec\isamini.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\PROGRAM FILES\NETSCAPE\NETSCAPE BROWSER\NETSCAPE.EXE
C:\Documents and Settings\Christophe Maison\Bureau\nettoyage pc\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - C:\Program Files\TrueCodec\isaddon.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - C:\Program Files\TrueCodec\iesplugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /M "Stylus DX3800" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O18 - Protocol: bw+0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: clamoring - {0d9eb558-0666-479e-868a-21b1d1a53bd1} - C:\WINDOWS\system32\veklo.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
0
Réponse 6 / 8
Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
 
pas grave pour le fonc d'écran quelquefois ca arrive ..

¤Télécharge ces logiciels (si tu ne les as pas) mais que tu n‘utilises pas tout de suite:

(Les mettre à jour avant de les lancer). Pour ça voir les démos.

Antispywares et autres :

1/ Ad-Aware (gratuit)
Téléchargement :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html
Le patch en Français pour Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
Tuto :
http://perso.orange.fr/entraide-hijackthis/AdAware/AdAware.htm

2/ Spybot (gratuit) :
voir demo d utilisation (merci Balltrap)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
Téléchargement :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

3/ ewido (dowload)
Téléchargement :
https://www.avg.com/en-ww/free-antivirus-download
Lorsqu'il est installer tu l'ouvres clique sur « update » fais les mise à jour
Tuto pour la version 4 d’Ewido :
https://www.malekal.com/tutorial-et-guide-ewido-v4/

Nettoyeurs (de fichiers inutiles) et autres :

4/ ccleaner (gratuit)
Tutorial là :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
Téléchargement :
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

*****************************************************
Affiches tous les fichiers et dossiers :
cliques sur démarrer/panneau de configuration (en affichage classique)/option des dossiers/affichage
Cocher « afficher les dossiers et fichiers cachés »

Décoches la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

Décoches « masquer les extensions dont le type est connu »
Puis fais «Ok» pour valider les changements.

Et « appliquer »

****************************************************
¤Relance HijackThis cliques sur « scanner seulement » ou (« do a scan only »),
coche les cases devant ces lignes et ensuite clique sur « fixer objets » (ou « fix checked »):

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - C:\Program Files\TrueCodec\isaddon.dll

O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - C:\Program Files\TrueCodec\iesplugin.dll

Toutes les 018

O18 - Protocol: bw+0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F640CCD3-0836-4319-AD7A-ED3F41B5C117} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O21 - SSODL: clamoring - {0d9eb558-0666-479e-868a-21b1d1a53bd1} - C:\WINDOWS\system32\veklo.dll

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

************************************************

Arrête ce service Boonty Games si tu ne t'en sers pas pour ça fais cette manip :

Démarrer -> executer tape services.msc clic droit sur les service cité - > propriétés et dans "type de démarrage" et mets le sur « arrêté « et « désactivé ».

************************************************
¤Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec
puis tape « entrée ».
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).

**********************************************
¤Recherche et supprime ou désintalle ceci:
attention seulement les fichiers (si présents).

C:\Program Files\TrueCodec <-- le dossier ou s'il est présent dans ajout/suppression de programme , désinstalle le

C:\WINDOWS\system32\veklo.dll

************************************************
¤ Lancer Ewido pour un scan complet (clique sur « scanner » puis sur « complete scan system ») « delete » tout ce qu’il te trouve
et copie/colle le rapport en forum.
************************************************
¤ Passe Ad-Aware et supprime tout ce qu’il trouve + supprime les quarantaines…
************************************************
¤ Passe Spybot et corrige tout ce qu’il trouve + vaccine + supprime les quarantaines…
***********************************************
¤ Lance CCleaner.

Suppression des fichiers temporaires

Va dans la section "Options" situé dans la marge gauche. Va dans "Avancé" et décoche "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Retourne ensuite dans la section "Nettoyeur"
Fais bien attention de cocher toutes les cases dans la marge gauche (Internet Explorer/Windows Explorer/Système/Avancé)
• Clique sur Analyse
• Patiente le temps du scan, qui peut prendre un peu de temps si c'est la première fois.
• Une fois le scan terminé, clique sur Lancer le Nettoyage

Suppression des incohérence du registre

• Clique sur l'icône Erreurs situés dans la marge à gauche.
• Puis clique sur Analyser les erreurs
• Patiente pendant que CCleaner scan ton registre.
• Une fois le scan terminé, coche toutes les entrèes qu'il t'aura trouvée.
• Tu peux cliquer ensuite sur Corriger les erreurs.

Si tu n'est pas sur de ce que tu fais, tu peux choisir de sauvegarder les entrées cochées pour les restaurer ultérieurement.

*************************************************
¤ Vide ta Corbeille.
*************************************************
¤ Redémarre en mode normal, relance Hijackthis et copie/colle un nouveau rapport sur le forum.

Dis moi ou en sont tes probs s'il t'en reste.

a+
0
Réponse 7 / 8
Utilisateur anonyme
 
j'ai pris du temps, apparemment ca sest arrangé .

voici le rapport, j'ai quand même l'impression que mon ordi n'est pas aussi rapide qu'avant !?!

Logfile of HijackThis v1.99.1
Scan saved at 18:16:11, on 30/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\PROGRA~1\TRENDM~1\INTERN~2\PCCTLCOM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\TMPFW.EXE
C:\Program Files\acer\eRecovery\Monitor.exe
C:\PROGRAM FILES\NETSCAPE\NETSCAPE BROWSER\NETSCAPE.EXE
C:\Documents and Settings\Christophe Maison\Bureau\nettoyage pc\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - C:\Program Files\TrueCodec\isaddon.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /M "Stylus DX3800" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
0
Réponse 8 / 8
Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
 
Ou est le rapport d'ewido ?

Copie/colle moi le STP

Le rapport Smitfraudfix au dessus a t'il été fait d'après mon lien ?
Je ne pense pas ! Ta version n'est pas la bonne je pense, donc refait moi un smitfraudfix aussi.
0

Discussions similaires

infecté par des virus
Lisy59120 -
Lisy59120 -

5 réponses
Virus non détecté par mon anti-virus ?
F2L -
cabrier -

12 réponses
simon
sisititi -
azert1313 -

1 réponse
Powershell infecté
Bal2bin -
MisteryBean -

8 réponses
Infecté ?
rifigames -
rifigames -

6 réponses