Virus
Résolu
DavidMe
Messages postés
42
Statut
Membre
-
billmaxime Messages postés 51889 Date d'inscription Statut Contributeur Dernière intervention -
billmaxime Messages postés 51889 Date d'inscription Statut Contributeur Dernière intervention -
Bonjour,
Je suis confronté à des virus sur mon ordinateur, il m'a fait deux ou trois écrans bleus je ne sais pas pourquoi. Pouvez-vous m'aider s'il vous plaît ?
Un rapport HiJackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:06, on 14/08/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\one\OrangeInside.exe
C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
C:\Program Files\Orange\Assistance Livebox\dist\ST2.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Pascaline\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_IE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1d970ed5-3eda-438d-bffd-715931e2775b} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [orangeinside] C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Assistance Livebox.lnk = C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\addfavorites_html\addfavorites.html
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html
O8 - Extra context menu item: envoyer par sms - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html
O8 - Extra context menu item: envoyer un mail - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html
O8 - Extra context menu item: orange.fr - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\orange_html\orange.html
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html
O8 - Extra context menu item: traduire la page - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\translate_html\translate.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: https://applications-et-logiciels.orange.fr/
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/PopularScreenSaversInitialSetup1.0.1.1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1344896875015
O18 - Protocol: bw+0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Orange update Core Service - France Telecom SA - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Je suis confronté à des virus sur mon ordinateur, il m'a fait deux ou trois écrans bleus je ne sais pas pourquoi. Pouvez-vous m'aider s'il vous plaît ?
Un rapport HiJackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:06, on 14/08/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\one\OrangeInside.exe
C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
C:\Program Files\Orange\Assistance Livebox\dist\ST2.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Pascaline\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_IE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1d970ed5-3eda-438d-bffd-715931e2775b} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [orangeinside] C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Assistance Livebox.lnk = C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\addfavorites_html\addfavorites.html
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html
O8 - Extra context menu item: envoyer par sms - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html
O8 - Extra context menu item: envoyer un mail - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html
O8 - Extra context menu item: orange.fr - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\orange_html\orange.html
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html
O8 - Extra context menu item: traduire la page - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\translate_html\translate.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\Documents and Settings\Pascaline\Application Data\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: https://applications-et-logiciels.orange.fr/
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/PopularScreenSaversInitialSetup1.0.1.1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1344896875015
O18 - Protocol: bw+0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A51F0DF2-8C59-4EDA-9A2C-712433E0CC8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Orange update Core Service - France Telecom SA - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
A voir également:
- Virus
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Undisclosed-recipients virus - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Virus informatique - Guide
71 réponses
Il n'est pas dans le menu de désinstallation. J'ai remarqué en cherchant sur le net qu'il est avec plein d'autres programmes dans le Smart Restore.
J'ai fait désinstallation et là je vais voir en priant... LOL
J'ai fait désinstallation et là je vais voir en priant... LOL
Il ne l'a pas bien désinstallé car il m'affiche le message au démarrage du PC : "Norton est peut être périmé"....
le lien pour désinstaller norton
https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?docid=kb20080710133834EN_EndUserProfile_fr_fr&product=home&pvid=f-home&version=1&lg=english&ct=us
@+
https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?docid=kb20080710133834EN_EndUserProfile_fr_fr&product=home&pvid=f-home&version=1&lg=english&ct=us
@+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Ouff, je crois que c'est bon. En plus j'avais essayé un programme similaire pour l'enlever mais ça ne marchait pas. Pour Internet comment dois-je m'y prendre ? Car même en câble je n'ai plus de réseau... C'est bizarre ça !
On les active à nouveau comment ? Là j'ai été dans le Smart Restore et j'ai mis "Installer" sur "NET".
Câble ça fonctionne à nouveau Internet mais WIFI toujours pas revenu.
Câble ça fonctionne à nouveau Internet mais WIFI toujours pas revenu.
Le pc se met encore à ramer hhahah... Malédiction !
En même temps avec 500mo de ram et un processeur de 1,5gHz ça ne m'étonne pas du tout.
Sinon aucun point d'interrogation jaune dans le gestionnaire. Étrange !
En même temps avec 500mo de ram et un processeur de 1,5gHz ça ne m'étonne pas du tout.
Sinon aucun point d'interrogation jaune dans le gestionnaire. Étrange !
Et voilà bingo, je ne sais pas du tout comment j'ai fait pour attraper ça mais j'ai choppé encore une saloperie alors que je n'ai été que sur les sites officiels et sécurisés (Mozilla, Microsoft etc...)
On pourra faire une désinfection après ?
On pourra faire une désinfection après ?
tu peux faire 1 ZHPDIAG
le lien pour télécharger https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
le tuto https://www.malekal.com/tutoriels-logiciels/
tu le télécharges sur ton bureau
tu fermes tous tes programmes en cours
pour lancer le scan tu cliques sur la "loupe" a gauche
a la fin du scan le rapport s'affichera sur ton bureau et aussi dans C:\zhp.txt
tu peux poster le rapport via ce lien https://www.cjoint.com/
le lien pour télécharger https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
le tuto https://www.malekal.com/tutoriels-logiciels/
tu le télécharges sur ton bureau
tu fermes tous tes programmes en cours
pour lancer le scan tu cliques sur la "loupe" a gauche
a la fin du scan le rapport s'affichera sur ton bureau et aussi dans C:\zhp.txt
tu peux poster le rapport via ce lien https://www.cjoint.com/
C'est une ou plusieurs toolbars je ne sais pas d'où ça sort. Je vais mettre le Mbam version pro pendant ce temps et faire les mises à jour Windows. Voilà le rapport en espérant que vous puissiez m'aider. (il se peut que des cochonneries soient passées à la trappe quand j'ai remis les configurations d'usine après tout)
Le rapport : https://www.cjoint.com/?BHox1kY6hbM
Le rapport : https://www.cjoint.com/?BHox1kY6hbM
salut
je pense que ton troyan n'est pas complètement éradiquer malgré que tu ais
formater ton pc
adobe reader et java ne sont pas a jour
le lien pour désinstaller adobe reader
https://www.commentcamarche.net/faq/10139-desinstallation-et-mise-a-jour-de-adobe-reader
le lien pour la dernière version https://supportdownloads.adobe.com/product.jsp?product=10&platform=Windows
le lien pour désinstaller java https://singularlabs.com/
le lien pour la dernière version
https://www.java.com/fr/download/
@+
je pense que ton troyan n'est pas complètement éradiquer malgré que tu ais
formater ton pc
adobe reader et java ne sont pas a jour
le lien pour désinstaller adobe reader
https://www.commentcamarche.net/faq/10139-desinstallation-et-mise-a-jour-de-adobe-reader
le lien pour la dernière version https://supportdownloads.adobe.com/product.jsp?product=10&platform=Windows
le lien pour désinstaller java https://singularlabs.com/
le lien pour la dernière version
https://www.java.com/fr/download/
@+
regarde s'il est toujours dans le pc?
Le virus de tout à l'heure, il est dans la quarantaine. C'est :
TR/Crypt.ZPACK.Gen
tu as récupérer le wifi?
et ton rapport MBAM? tu l'envoies
@+
Le virus de tout à l'heure, il est dans la quarantaine. C'est :
TR/Crypt.ZPACK.Gen
tu as récupérer le wifi?
et ton rapport MBAM? tu l'envoies
@+
Bonjour,
Je n'ai pas récupéré le WIFI.
Voilà le rapport Mbam, je fais quoi ? Supprimer les éléments ou je ne fais rien ?
Malwarebytes Anti-Malware (PRO) 1.62.0.1300
www.malwarebytes.org
Version de la base de données: v2012.08.15.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Richard :: PASCALINE [administrateur]
Protection: Activé
15/08/2012 10:06:08
mbam-log-2012-08-15 (11-44-25).txt
Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 219622
Temps écoulé: 1 heure(s), 37 minute(s), 30 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dynamic Toolbar_is1 (Adware.2020search) -> Aucune action effectuée.
Valeur(s) du Registre détectée(s): 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Données: O×{N +zF èíj¶...ú} -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Données: -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Données: -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Données: -> Aucune action effectuée.
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 4
C:\Program Files\Dynamic Toolbar (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\Cache (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\PBFRV2 (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\PBFRV2\Cache (Adware.2020search) -> Aucune action effectuée.
Fichier(s) détecté(s): 4
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP6\A0004322.dll (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\batch.bat (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\unins000.exe (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Aucune action effectuée.
(fin)
Je n'ai pas récupéré le WIFI.
Voilà le rapport Mbam, je fais quoi ? Supprimer les éléments ou je ne fais rien ?
Malwarebytes Anti-Malware (PRO) 1.62.0.1300
www.malwarebytes.org
Version de la base de données: v2012.08.15.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Richard :: PASCALINE [administrateur]
Protection: Activé
15/08/2012 10:06:08
mbam-log-2012-08-15 (11-44-25).txt
Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 219622
Temps écoulé: 1 heure(s), 37 minute(s), 30 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dynamic Toolbar_is1 (Adware.2020search) -> Aucune action effectuée.
Valeur(s) du Registre détectée(s): 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Données: O×{N +zF èíj¶...ú} -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Données: -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Données: -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} (Adware.2020search) -> Données: -> Aucune action effectuée.
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 4
C:\Program Files\Dynamic Toolbar (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\Cache (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\PBFRV2 (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\PBFRV2\Cache (Adware.2020search) -> Aucune action effectuée.
Fichier(s) détecté(s): 4
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP6\A0004322.dll (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\batch.bat (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\unins000.exe (Adware.2020search) -> Aucune action effectuée.
C:\Program Files\Dynamic Toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Aucune action effectuée.
(fin)
