[virus?] Impossible de restaurer le systeme e

xamax Messages postés 40 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
je suis sous Windows XP, je n'ai pas pu restaurer le systeme
(aucun point de restauration indique), et je n'arrive pas afaire appel au gestionnaire des taches:par ailleurs le PC est particulierement lent, j'imagine qu'il s'agit d'un virus.

Si quelqu'un pouvait m'aider je lui en serait tres rreconnaissant.
Merci d'avance
Xamax

6 réponses

  1. Utilisateur anonyme
     
    Salut,

    Télécharge HijackThis:
    http://www.infos-du-net.com/telecharger/HijackThis.html

    Installe le dans son propre dossier:
    -clic droit sur le bureau, choisis "nouveau dossier" puis installe le dedans.
    Lance le, clic sur "do a system scan and save logfile"
    Puis copie et colle le rapport ici stp
    0
    1. xamax Messages postés 40 Statut Membre
       
      Salut,
      en fait j'avais deja donné dans un message ulterieur le rapport de hijackthis.Le voici:

      Logfile of HijackThis v1.99.1
      Scan saved at 16:37:36, on 31.10.2006
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\Program Files\ewido anti-malware\ewidoctrl.exe
      C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\WINDOWS\Explorer.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
      C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\WINDOWS\System32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
      C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
      C:\WINDOWS\System32\kernels8.exe
      C:\WINDOWS\System32\ctfmon.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\WINDOWS\System32\wuauclt.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
      C:\Documents and Settings\mika\Bureau\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
      O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels8.exe
      O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\System32\kernels8.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
      O4 - Startup: Microsoft Recherche accélérée.lnk = D:\Program Files\Microsoft Office\Office\FINDFAST.EXE
      O4 - Global Startup: hp psc 1000 series.lnk = ?
      O4 - Global Startup: hpoddt01.exe.lnk = ?
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
      O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Seekmo/ie/bridge-c420.cab?308dd12d71b1028365150947db12db96f36247554b978c32095dc5fc97f932517b05c5977d1b3110982390947efdea1b3fac11689f5c2ddaa282088eea808b88:3d42703cdee6c5b602d30a0205f244e5
      O17 - HKLM\System\CCS\Services\Tcpip\..\{965EB7C1-5568-484F-8A7F-8C9B63B8CE98}: NameServer = 212.247.156.66,212.247.156.70
      O18 - Protocol: bw+0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: offline-8876480 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
      O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

      Je te souhaite une excellente soiree,
      xamax
      0
  2. Utilisateur anonyme
     
    Salut,

    ton rapport n'est pas apparu la première fois :-/
    Bref pas grave !

    Rien ne sera supprimé sauf si indiqué
    Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels8.exe
    O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\System32\kernels8.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - Startup: Microsoft Recherche accélérée.lnk = D:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
    O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/

    Toutes les O18

    O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)

    Clic sur démarrer, rechercher et supprime ce processus:

    kernels8.exe

    **Si un fichier persiste lors de la suppression fait ceci:
    -Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

    Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici stp
    Ewido: (reste gratuit après la période d'essai)
    Ewido
    0
    1. xamax Messages postés 40 Statut Membre
       
      Salut,
      désolé de ne pas avoir donné de nouvelles si longtemps mais
      c'est l'ordinateur d'une amie dont je m'occupe.
      Je n'arrive toujours pas à restaurer le système ni à accéder au gestionnaire des tâches. J'ai installé Ewido.
      Je joins le rapport Hi-jackthis
      Je te souhaite d'excellentes fêtes de fin d'année et te présente
      mes meilleurs voeux pour 2007.
      Bien à toi,
      xamax
      0
    2. xamax Messages postés 40 Statut Membre
       
      J'ai fait une fauss manoeuvre, voici le hijackthis.

      Logfile of HijackThis v1.99.1
      Scan saved at 14:42:53, on 29.12.2006
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\Program Files\ewido anti-malware\ewidoctrl.exe
      C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      C:\WINDOWS\Explorer.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\WINDOWS\system32\cleanmgr.exe
      C:\WINDOWS\System32\LVComsX.exe
      C:\Program Files\Alwil Software\Avast4\setup\avast.setup
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Documents and Settings\mika\Bureau\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      O4 - Global Startup: hp psc 1000 series.lnk = ?
      O4 - Global Startup: hpoddt01.exe.lnk = ?
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O12 - Plugin for .mp4: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
      O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll
      O17 - HKLM\System\CCS\Services\Tcpip\..\{965EB7C1-5568-484F-8A7F-8C9B63B8CE98}: NameServer = 212.247.156.66,212.247.156.70
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
      O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

      Salut
      0
  3. Utilisateur anonyme
     
    Salut

    pas de rapport Ewido ?

    Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clique dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
    Une fois qu'il a terminé colle le rapport ici stp

    https://www.bitdefender.com/toolbox/

    A mon avis il va falloir réparer le système d'exploitation ;-)
    0
    1. xamax Messages postés 40 Statut Membre
       
      Salut,
      Ewido indiquait que tout allait bien.
      Voici donc le rapport de bitdefender:

      BitDefender Online Scanner



      Scan report generated at: Sat, Dec 30, 2006 - 12:58:01





      Scan path: A:\;C:\;D:\;E:\;F:\;G:\;







      Statistics

      Time
      01:08:38

      Files
      341059

      Folders
      7868

      Boot Sectors
      5

      Archives
      3758

      Packed Files
      37042




      Results

      Identified Viruses
      10

      Infected Files
      11

      Suspect Files
      2

      Warnings
      0

      Disinfected
      0

      Deleted Files
      13




      Engines Info

      Virus Definitions
      363472

      Engine build
      AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)

      Scan plugins
      14

      Archive plugins
      38

      Unpack plugins
      6

      E-mail plugins
      6

      System plugins
      1




      Scan Settings

      First Action
      Disinfect

      Second Action
      Delete

      Heuristics
      Yes

      Enable Warnings
      Yes

      Scanned Extensions
      *;

      Exclude Extensions


      Scan Emails
      Yes

      Scan Archives
      Yes

      Scan Packed
      Yes

      Scan Files
      Yes

      Scan Boot
      Yes




      Scanned File
      Status

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0075762.exe
      Infected with: Trojan.Agent.RX

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0075762.exe
      Deleted

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076984.exe
      Suspected of: Trojan.Downloader.Tibs.BDE

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076984.exe
      Disinfection failed

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076984.exe
      Deleted

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076987.exe
      Infected with: Trojan.Downloader.Small.S

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076987.exe
      Disinfection failed

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076987.exe
      Deleted

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076988.exe
      Infected with: Generic.Malware.Bdld!!.A1FE09D8

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076988.exe
      Disinfection failed

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076988.exe
      Deleted

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076989.exe
      Infected with: Trojan.Downloader.Tiny.O

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076989.exe
      Disinfection failed

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076989.exe
      Deleted

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076990.exe
      Infected with: Trojan.Downloader.Small.S

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076990.exe
      Disinfection failed

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076990.exe
      Deleted

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076991.exe
      Infected with: Generic.Malware.Bdld!!.7573B73D

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076991.exe
      Disinfection failed

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076991.exe
      Deleted

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076992.exe
      Infected with: Generic.Malware.Bdld!!.C1AF0CB2

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076992.exe
      Disinfection failed

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076992.exe
      Deleted

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP284\A0090263.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
      Infected with: Trojan.Zlob.GT

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP284\A0090263.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
      Disinfection failed

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP284\A0090263.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
      Deleted

      C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP284\A0090263.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)
      Update failed

      C:\WINDOWS\system32\oehvfssz.exe
      Suspected of: Generic.Malware.dld!.C43A5A80

      C:\WINDOWS\system32\oehvfssz.exe
      Disinfection failed

      C:\WINDOWS\system32\oehvfssz.exe
      Deleted

      C:\WINDOWS\system32\pedvvvjv.exe
      Infected with: Worm.Glowa.C

      C:\WINDOWS\system32\pedvvvjv.exe
      Disinfection failed

      C:\WINDOWS\system32\pedvvvjv.exe
      Deleted

      C:\WINDOWS\system32\systh.exe
      Infected with: Dropped:Generic.Malware.dld!!.CCC9219B

      C:\WINDOWS\system32\systh.exe
      Disinfection failed

      C:\WINDOWS\system32\systh.exe
      Deleted

      C:\WINDOWS\system32\systr.dll
      Infected with: Generic.Malware.dld!!.B7118C97

      C:\WINDOWS\system32\systr.dll
      Disinfection failed

      C:\WINDOWS\system32\systr.dll
      Deleted







      Merci beaucoup pour ton aide, j'espere avoir envoye ce
      qu'il faut , meilleurs voeux pour l'annee 2007.
      Max
      0
  4. The floodeur fou
     
    coment repare ton le systeme d'exploitation ?
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Arrive tu maintenant accèder au gestionnaire des taches ?
    As-tu le CD d'installation Windows ?
    0
    1. xamax Messages postés 40 Statut Membre
       
      Salut,
      merci pour tes conseils.La restauration du systeme est
      de nouveau possible et je peux acceder au gestionnaire des
      taches (j'ai applique une astuce trouvee sur le reseau).
      Par ailleurs j'ai un CD d'installation de Windows XP Pro .

      Je souhaite une tres bonne fin d'annee (de meme pour
      le debut 2007).
      Max
      0
  7. Utilisateur anonyme
     
    Si c'est réparé tant mieux alors.
    On évitera la réparation de Windows, pour le moment ;-)

    Bon réveillon

    A++
    0