VIrus.Win32.Sality.k imposible de le netoyé !

mounia93 Messages postés 109 Statut Membre -  
Kristopher Messages postés 3752 Statut Contributeur -
bonjour a tous,
Voila j'ai un petit probleme avec mon antivirus : il detecte en ce moment le virus VIrus.Win32.Sality.k mais il n'arrive pas a le nettoyer.
Cela peut etre dangereux ? et comment l'enlever de mon PC ?????

Merciiiiiiiiiiiii de votre aide !! =)
Configuration: Windows XP SP2

97 réponses

  • 1
  • 2
  • 3
  • 4
  • 5
Résumé de la discussion

La discussion porte sur un utilisateur sous Windows XP SP2 confronté à la détection d'un malware nommé Virus.Win32.Sality.k par son antivirus, sans capacité de nettoyage immédiat. Des solutions recommandées incluent l’utilisation d’un antivirus en ligne pour un diagnostic, puis l’examen du rapport et des journaux système pour identifier les composants malveillants et les supprimer. En parallèle, l’analyse met en évidence des éléments suspects au démarrage et des services compromis, justifiant la vérification des entrées Run et des processus, et un nettoyage des clés de registre peut être nécessaire. Si l’infection est profonde, des actions répétées ou une réinstallation propre peuvent être nécessaires, et certaines entrées de démarrage problématiques nécessitent un passage en mode sans échec pour une désinfection efficace.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Kristopher Messages postés 3752 Statut Contributeur 106
     
    Slt,

    Scanne ton PC avec cet antivirus en ligne (uniquement sous IE) :
    http://www.bitdefender.fr/scan8/ie.html
    Clique sur "J'accepte" puis accepte également l'ActiveX bloqué par la barre anti-popup du SP2 (elle clignotera en haut).
    Ensuite, clique sur "Cliquez ici pour scanner".
    Patiente jusqu'à la fin du scan...
    Copie/colle le rapport entier sur le forum.

    a+
    0
  2. mounia93 Messages postés 109 Statut Membre 1
     
    MErci de ton aide c'est gentil !
    c'est normal qu'a chaque fichier il me fait echec de la desinfection et qu'ensuite il le supprime ??????
    0
  3. mounia93 Messages postés 109 Statut Membre 1
     
    ????? quelqun peu maider
    0
  4. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Slt

    Peux tu mettre le rapport bitdefender ici
    stp
    merci

    A++
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. mounia93 Messages postés 109 Statut Membre 1
     
    je l'ai mis en pause et je n'arrive pas a faire un copié collé des fichiers infecté puis supprimés .
    Voile ce que je viens de voir sur la page de bitdefender pour scanner:

    Paramètres
    Par défaut, BitDefender essaiera de nettoyer les fichiers infectés qu'il trouve. Avertissement: Si la désinfection échoue, les fichiers infectés seront supprimés sans alerte. Pour changer cela et d'autres paramétrages, cliquez ici. Merci d'utiliser ces options avec prudence.


    C'est pour ca que je me fais du soucis !

    MMerciii
    0
  7. mounia93 Messages postés 109 Statut Membre 1
     
    ??????? pleasee j'attend une aide s'il vous plait !!!
    0
  8. mounia93 Messages postés 109 Statut Membre 1
     
    ..... HELP !!
    0
  9. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Slt,

    Pour le "Help"" n'oublies pas que ce sont des bénévoles qui sont en face de toi...
    Donc ils font ce qu'ils peuvent pour venir à la dépanne...
    Tu n'es pas toute seule non plus....

    Fais ce qui suit

    F - Hijackthis - Outil de diagnostic et réparation
    lire démo
    http://pageperso.aol.fr/balltrap34/Hijenr.gif
    http://pageperso.aol.fr/balltrap34/demohijack.htm
    Télécharge version française ici
    http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
    Copie/colle le rapport

    A++
    0
  10. mounia93
     
    désolé !! je sais que vous etes des bénévoles et je vous remercie beaucoup de nous aider c'est généreux de votre part mais je voulais pas vous offenser en disant HELP . excusez moi ...

    Merci je fais sa tout de suite !
    0
  11. mounia93
     
    Voila le rapport hijackthis :

    Logfile of HijackThis v1.99.1
    Scan saved at 19:09:52, on 04/11/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\WINDOWS\System32\hphmon05.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Pack Securite\Common\FSM32.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
    C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Securite\Common\FSMA32.EXE
    C:\Program Files\Pack Securite\Common\FSMB32.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Pack Securite\Common\FCH32.EXE
    C:\Program Files\Pack Securite\Common\FAMEH32.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
    C:\Program Files\Pack Securite\FSPC\fspc.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
    C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\InterVideo\Common\Bin\IVIPromotion.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr9.hpwis.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr9.hpwis.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
    O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f56df82e86284926bc67f9d0890c5f81
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f56df82e86284926bc67f9d0890c5f81
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{28988D0E-FF1C-4DE2-863A-DFB920DABA03}: NameServer = 86.64.145.146 84.103.237.146
    O17 - HKLM\System\CS1\Services\Tcpip\..\{28988D0E-FF1C-4DE2-863A-DFB920DABA03}: NameServer = 86.64.145.146 84.103.237.146
    O18 - Protocol: bw+0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    Merci et a +
    0
  12. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    ok

    Fais ce qui suit
    stp
    merci

    Télécharge ceci: (merci a S!RI pour ce programme).
    http://siri.urz.free.fr/Fix/SmitfraudFix.zip
    TUTO :: http://siri.urz.free.fr/Fix/SmitfraudFix.php

    Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, il va générer un rapport
    Copie/colle le sur le poste stp.
    ----------------------------------------------------------------------------
    Démarre en mode sans échec :
    Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
    Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
    (Si F8 ne marche pas utilise la touche F5).
    ----------------------------------------------------------------------------
    Relance le programme Smitfraud,
    Cette fois choisit l’option 2, répond oui a tous ;
    Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum

    ========================================
    Refais un Hitjackthis

    0
  13. mounia93
     
    Merci pour l'aide !!!
    juste un truc : il y a plein d'application quan je decompresse le programme , je fais laquelle ???

    encore merci :)

    a++++
    0
  14. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Slt,

    Je pense que tu dois l'avoir ici

    TUTO :: http://siri.urz.free.fr/Fix/SmitfraudFix.php
    0
  15. Kristopher Messages postés 3752 Statut Contributeur 106
     
    Coucou mounia93 et merci Marie d'avoir pris le relais :)

    On récapitule :

    Mounia, tu laisses faire le scan en ligne en ne touchant surtout à aucune option ! (tu laisses les options "par défaut").

    Ne t'inquiètes pas si les fichiers ne peuvent pas être désinfectés, dans les 3/4 des cas, il s'agit du virus lui-même - il faut donc supprimer le fichier en question.

    Copie/colle ici ce rapport de BitDefender.

    Et seulement après tu fais ceci :

    Ok on réessaie :

    - Télécharge le logiciel SmitfraudFix sur le site :
    http://siri.urz.free.fr/Fix/SmitfraudFix.zip
    - Tu enregistres le logiciel sur le bureau pour faire plus simple.
    Puisqu'il est zippé, tu dois le dezippé.
    Si tu utilises Winrar , tu fais : "clique droit" -> "Extraire Ici".
    Tu auras un dossier nommé "SmitfraudFix" qui va apparaître.

    - Tu ouvres le ce dossier, double-clique sur "Smitfraudfix.cmd", choisis l’option 1, il va générer un rapport.

    Copie et colle le sur le poste.

    Bon week...
    0
  16. mounia93 Messages postés 109 Statut Membre 1
     
    Coucou a tous =),

    Voila le rapport bitdefender. petite precision : hier j'ai fait une analyse mais j'ai pas pu exporter le rapport car il y a eu un probleme et IE a du fermer. il avait detecté 9 virus hier.

    BitDefender Online Scanner

    Rapport d'analyse généré à: Sun, Nov 05, 2006 - 21:16:50

    Voie d'analyse: A:\;C:\;D:\;E:\;F:\;

    Statistiques

    Temps
    02:00:10

    Fichiers
    456337

    Directoires
    5726

    Secteurs de boot
    3

    Archives
    21619

    Paquets programmes
    46603

    Résultats

    Virus identifiés
    9

    Fichiers infectés
    18

    Fichiers suspects
    0

    Avertissements
    0

    Désinfectés
    0

    Fichiers effacés
    18

    Info sur les moteurs

    Définition virus
    312627

    Version des moteurs
    AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

    Analyse des plugins
    13

    Archive des plugins
    38

    Unpack des plugins
    6

    E-mail plugins
    6

    Système plugins
    1

    Paramètres d'analyse

    Première action
    Désinfecté

    Seconde Action
    Supprimé

    Heuristique
    Oui

    Acceptez les avertissements
    Oui

    Extensions analysées
    *;

    Excludez les extensions

    Analyse d'emails
    Oui

    Analyse des Archives
    Oui

    Analyser paquets programmes
    Oui

    Analyse des fichiers
    Oui

    Analyse de boot
    Oui

    Fichier analysé
    Statut

    C:\RECYCLER\S-1-5-21-2175421650-2673971542-3645842769-1008\Dc1.url
    Infecté par: Trojan.QUrl.C

    C:\RECYCLER\S-1-5-21-2175421650-2673971542-3645842769-1008\Dc1.url
    Echec de la désinfection

    C:\RECYCLER\S-1-5-21-2175421650-2673971542-3645842769-1008\Dc1.url
    Supprimé

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP141\A0017062.0XE
    Infecté par: Trojan.Downloader.Adload.DW

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP141\A0017062.0XE
    Echec de la désinfection

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP141\A0017062.0XE
    Supprimé

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP148\A0018351.0XE
    Infecté par: Trojan.Adload.FK

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP148\A0018351.0XE
    Echec de la désinfection

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP148\A0018351.0XE
    Supprimé

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023029.exe
    Infecté par: Trojan.DollarRevenue.B

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023029.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023029.exe
    Supprimé

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023030.exe
    Infecté par: Trojan.Downloader.Winfixer.O

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023030.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023030.exe
    Supprimé

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023031.exe
    Infecté par: Trojan.Downloader.Winfixer.O

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023031.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023031.exe
    Supprimé

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023032.exe
    Infecté par: Trojan.Downloader.Winfixer.O

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023032.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023032.exe
    Supprimé

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023033.exe
    Infecté par: Trojan.Killapp.30208.A

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023033.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023033.exe
    Supprimé

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023034.exe
    Infecté par: Trojan.Downloader.Adload.MC

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023034.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP159\A0023034.exe
    Supprimé

    C:\WINDOWS\Downloaded Program Files\ERSV_0001_N91S1908NetInstaller.exe
    Infecté par: Trojan.Downloader.Winfixer.O

    C:\WINDOWS\Downloaded Program Files\ERSV_0001_N91S1908NetInstaller.exe
    Echec de la désinfection

    C:\WINDOWS\Downloaded Program Files\ERSV_0001_N91S1908NetInstaller.exe
    Supprimé

    C:\WINDOWS\Downloaded Program Files\UERSV_0001_N91S2108NetInstaller.exe
    Infecté par: Trojan.Downloader.Winfixer.O

    C:\WINDOWS\Downloaded Program Files\UERSV_0001_N91S2108NetInstaller.exe
    Echec de la désinfection

    C:\WINDOWS\Downloaded Program Files\UERSV_0001_N91S2108NetInstaller.exe
    Supprimé

    C:\WINDOWS\icont.exe
    Infecté par: Trojan.Qurl.3

    C:\WINDOWS\icont.exe
    Echec de la désinfection

    C:\WINDOWS\icont.exe
    Supprimé

    C:\WINDOWS\system32\config\systemprofile\Application Data\winantiviruspro2006freeinstall_fr[1].exe
    Infecté par: Trojan.Downloader.Winfixer.O

    C:\WINDOWS\system32\config\systemprofile\Application Data\winantiviruspro2006freeinstall_fr[1].exe
    Echec de la désinfection

    C:\WINDOWS\system32\config\systemprofile\Application Data\winantiviruspro2006freeinstall_fr[1].exe
    Supprimé

    C:\WINDOWS\system32\config\systemprofile\Bureau\Remove Spyware.url
    Infecté par: Trojan.QUrl.C

    C:\WINDOWS\system32\config\systemprofile\Bureau\Remove Spyware.url
    Echec de la désinfection

    C:\WINDOWS\system32\config\systemprofile\Bureau\Remove Spyware.url
    Supprimé

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\ICD1.tmp\ERSV_0001_N91S1908NetInstaller.exe
    Infecté par: Trojan.Downloader.Winfixer.O

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\ICD1.tmp\ERSV_0001_N91S1908NetInstaller.exe
    Echec de la désinfection

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\ICD1.tmp\ERSV_0001_N91S1908NetInstaller.exe
    Supprimé

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\E7AZO3OD\AppWrap[1].exe
    Infecté par: Trojan.Qurl.3

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\E7AZO3OD\AppWrap[1].exe
    Echec de la désinfection

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\E7AZO3OD\AppWrap[1].exe
    Supprimé

    C:\WINDOWS\Temp\bw2.com
    Infecté par: Trojan.Qurl.3

    C:\WINDOWS\Temp\bw2.com
    Echec de la désinfection

    C:\WINDOWS\Temp\bw2.com
    Supprimé

    C:\WINDOWS\Temp\cmdinst.exe
    Infecté par: Trojan.Proxy.493

    C:\WINDOWS\Temp\cmdinst.exe
    Echec de la désinfection

    C:\WINDOWS\Temp\cmdinst.exe
    Supprimé

    Merciii je vais faire l'autre analyse tou de suite !

    a +
    0
  17. mounia93 Messages postés 109 Statut Membre 1
     
    cOucOu !

    Voila le rapport de smitfraudFix :

    SmitFraudFix v2.119

    Rapport fait à 21:40:50,04, 05/11/2006
    Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» C:\

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

    C:\WINDOWS\newname.dat PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data

    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris

    »»»»»»»»»»»»»»»»»»»»»»»» Bureau

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"

    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""

    »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

    »»»»»»»»»»»»»»»»»»»»»»»» Fin
    0
  18. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Fais l'option 2 de smitfraud

    Démarre en mode sans échec :
    Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
    Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
    (Si F8 ne marche pas utilise la touche F5).
    ----------------------------------------------------------------------------
    Relance le programme Smitfraud,
    Cette fois choisit l’option 2, répond oui a tous ;
    Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum
    ========================================
    Refais un Hitjackthis
    0
  19. mounia93 Messages postés 109 Statut Membre 1
     
    COucOu a tOuss !

    VOila le rapport généré par smitfraud en mode sans echec :

    SmitFraudFix v2.119

    Rapport fait à 14:09:43,51, 06/11/2006
    Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Fix executé en mode sans echec

    »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

    C:\WINDOWS\newname.dat supprimé

    »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

    »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

    Nettoyage terminé.

    »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Fin
    0
  20. mounia93 Messages postés 109 Statut Membre 1
     
    Et celui de hijackthis :

    Logfile of HijackThis v1.99.1
    Scan saved at 14:25:32, on 06/11/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\WINDOWS\System32\hphmon05.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Pack Securite\Common\FSM32.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
    C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Securite\Common\FSMA32.EXE
    C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    C:\Program Files\Pack Securite\Common\FSMB32.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Pack Securite\Common\FCH32.EXE
    C:\Program Files\Pack Securite\Common\FAMEH32.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
    C:\Program Files\Pack Securite\FSPC\fspc.exe
    C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
    C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
    O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f56df82e86284926bc67f9d0890c5f81
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f56df82e86284926bc67f9d0890c5f81
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{28988D0E-FF1C-4DE2-863A-DFB920DABA03}: NameServer = 86.64.145.144 84.103.237.144
    O17 - HKLM\System\CS1\Services\Tcpip\..\{28988D0E-FF1C-4DE2-863A-DFB920DABA03}: NameServer = 86.64.145.144 84.103.237.144
    O17 - HKLM\System\CS2\Services\Tcpip\..\{28988D0E-FF1C-4DE2-863A-DFB920DABA03}: NameServer = 86.64.145.143 84.103.237.143
    O18 - Protocol: bw+0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {950FC1BB-B8AA-4012-9BDD-7EEB52D8DA94} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    Mercii de votre aide !!!
    0
  21. mounia93 Messages postés 109 Statut Membre 1
     
    petite precision si sa peut vous aider : mon anti virus detecte toujours ce maudit virus virus.Win32.Sality.k et ne le nettoie toujours pas .

    voila bonne fin de journée et merci !!
    0
  • 1
  • 2
  • 3
  • 4
  • 5