Sujet Précédent Sujet Suivant

[virus?] Impossible de restaurer le systeme e

xamax Messages postés 40 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
je suis sous Windows XP, je n'ai pas pu restaurer le systeme
(aucun point de restauration indique), et je n'arrive pas afaire appel au gestionnaire des taches:par ailleurs le PC est particulierement lent, j'imagine qu'il s'agit d'un virus.

Si quelqu'un pouvait m'aider je lui en serait tres rreconnaissant.
Merci d'avance
Xamax
A voir également:

6 réponses

Réponse 1 / 6
Utilisateur anonyme
 
Salut,

Télécharge HijackThis:
http://www.infos-du-net.com/telecharger/HijackThis.html

Installe le dans son propre dossier:
-clic droit sur le bureau, choisis "nouveau dossier" puis installe le dedans.
Lance le, clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici stp
0
xamax Messages postés 40 Statut Membre
 
Salut,
en fait j'avais deja donné dans un message ulterieur le rapport de hijackthis.Le voici:

Logfile of HijackThis v1.99.1
Scan saved at 16:37:36, on 31.10.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\System32\kernels8.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\mika\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels8.exe
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\System32\kernels8.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Startup: Microsoft Recherche accélérée.lnk = D:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Seekmo/ie/bridge-c420.cab?308dd12d71b1028365150947db12db96f36247554b978c32095dc5fc97f932517b05c5977d1b3110982390947efdea1b3fac11689f5c2ddaa282088eea808b88:3d42703cdee6c5b602d30a0205f244e5
O17 - HKLM\System\CCS\Services\Tcpip\..\{965EB7C1-5568-484F-8A7F-8C9B63B8CE98}: NameServer = 212.247.156.66,212.247.156.70
O18 - Protocol: bw+0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {8513E941-6633-425A-AF5A-B9A1DC9193FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Je te souhaite une excellente soiree,
xamax
0
Réponse 2 / 6
Utilisateur anonyme
 
Salut,

ton rapport n'est pas apparu la première fois :-/
Bref pas grave !

Rien ne sera supprimé sauf si indiqué
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels8.exe
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\System32\kernels8.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Startup: Microsoft Recherche accélérée.lnk = D:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/

Toutes les O18

O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)

Clic sur démarrer, rechercher et supprime ce processus:

kernels8.exe

**Si un fichier persiste lors de la suppression fait ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici stp
Ewido: (reste gratuit après la période d'essai)
Ewido
0
xamax Messages postés 40 Statut Membre
 
Salut,
désolé de ne pas avoir donné de nouvelles si longtemps mais
c'est l'ordinateur d'une amie dont je m'occupe.
Je n'arrive toujours pas à restaurer le système ni à accéder au gestionnaire des tâches. J'ai installé Ewido.
Je joins le rapport Hi-jackthis
Je te souhaite d'excellentes fêtes de fin d'année et te présente
mes meilleurs voeux pour 2007.
Bien à toi,
xamax
0
xamax Messages postés 40 Statut Membre
 
J'ai fait une fauss manoeuvre, voici le hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 14:42:53, on 29.12.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\cleanmgr.exe
C:\WINDOWS\System32\LVComsX.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mika\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O12 - Plugin for .mp4: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{965EB7C1-5568-484F-8A7F-8C9B63B8CE98}: NameServer = 212.247.156.66,212.247.156.70
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Salut
0
Réponse 3 / 6
Utilisateur anonyme
 
Salut

pas de rapport Ewido ?

Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clique dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp

https://www.bitdefender.com/toolbox/

A mon avis il va falloir réparer le système d'exploitation ;-)
0
xamax Messages postés 40 Statut Membre
 
Salut,
Ewido indiquait que tout allait bien.
Voici donc le rapport de bitdefender:

BitDefender Online Scanner



Scan report generated at: Sat, Dec 30, 2006 - 12:58:01





Scan path: A:\;C:\;D:\;E:\;F:\;G:\;







Statistics

Time
01:08:38

Files
341059

Folders
7868

Boot Sectors
5

Archives
3758

Packed Files
37042




Results

Identified Viruses
10

Infected Files
11

Suspect Files
2

Warnings
0

Disinfected
0

Deleted Files
13




Engines Info

Virus Definitions
363472

Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0075762.exe
Infected with: Trojan.Agent.RX

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0075762.exe
Deleted

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076984.exe
Suspected of: Trojan.Downloader.Tibs.BDE

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076984.exe
Disinfection failed

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076984.exe
Deleted

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076987.exe
Infected with: Trojan.Downloader.Small.S

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076987.exe
Disinfection failed

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076987.exe
Deleted

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076988.exe
Infected with: Generic.Malware.Bdld!!.A1FE09D8

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076988.exe
Disinfection failed

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076988.exe
Deleted

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076989.exe
Infected with: Trojan.Downloader.Tiny.O

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076989.exe
Disinfection failed

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076989.exe
Deleted

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076990.exe
Infected with: Trojan.Downloader.Small.S

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076990.exe
Disinfection failed

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076990.exe
Deleted

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076991.exe
Infected with: Generic.Malware.Bdld!!.7573B73D

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076991.exe
Disinfection failed

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076991.exe
Deleted

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076992.exe
Infected with: Generic.Malware.Bdld!!.C1AF0CB2

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076992.exe
Disinfection failed

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP256\A0076992.exe
Deleted

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP284\A0090263.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Infected with: Trojan.Zlob.GT

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP284\A0090263.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Disinfection failed

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP284\A0090263.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Deleted

C:\System Volume Information\_restore{7B3F89C7-E64C-4179-99C3-E8152873316A}\RP284\A0090263.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)
Update failed

C:\WINDOWS\system32\oehvfssz.exe
Suspected of: Generic.Malware.dld!.C43A5A80

C:\WINDOWS\system32\oehvfssz.exe
Disinfection failed

C:\WINDOWS\system32\oehvfssz.exe
Deleted

C:\WINDOWS\system32\pedvvvjv.exe
Infected with: Worm.Glowa.C

C:\WINDOWS\system32\pedvvvjv.exe
Disinfection failed

C:\WINDOWS\system32\pedvvvjv.exe
Deleted

C:\WINDOWS\system32\systh.exe
Infected with: Dropped:Generic.Malware.dld!!.CCC9219B

C:\WINDOWS\system32\systh.exe
Disinfection failed

C:\WINDOWS\system32\systh.exe
Deleted

C:\WINDOWS\system32\systr.dll
Infected with: Generic.Malware.dld!!.B7118C97

C:\WINDOWS\system32\systr.dll
Disinfection failed

C:\WINDOWS\system32\systr.dll
Deleted







Merci beaucoup pour ton aide, j'espere avoir envoye ce
qu'il faut , meilleurs voeux pour l'annee 2007.
Max
0
Réponse 4 / 6
The floodeur fou
 
coment repare ton le systeme d'exploitation ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
Utilisateur anonyme
 
Arrive tu maintenant accèder au gestionnaire des taches ?
As-tu le CD d'installation Windows ?
0
xamax Messages postés 40 Statut Membre
 
Salut,
merci pour tes conseils.La restauration du systeme est
de nouveau possible et je peux acceder au gestionnaire des
taches (j'ai applique une astuce trouvee sur le reseau).
Par ailleurs j'ai un CD d'installation de Windows XP Pro .

Je souhaite une tres bonne fin d'annee (de meme pour
le debut 2007).
Max
0
Réponse 6 / 6
Utilisateur anonyme
 
Si c'est réparé tant mieux alors.
On évitera la réparation de Windows, pour le moment ;-)

Bon réveillon

A++
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
je voudrais récupérer mon adresse e mail
clobel -
Lucio -

19 réponses
Erreur 0x800700E1
Didiervd -
Viktimz -

11 réponses
Réglage pour réception Astra 19.2
10adamr -
10adamr -

4 réponses
impossible de terminer l’opération car virus Win 7
Slipt -
Malekal_morte- -

2 réponses