De l aide svp

lionelsoni Messages postés 9 Statut Membre -  
^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   -
bonjour

y aurait il une ame charitable pour m aider?j ai trouve un trojan et un mlaware pendant un scann

Statistiques

Chemin cible: C:\
D:\
Dossiers : 2936
Fichiers : 135497
Processus Mémoire analysés : 19
Archives : 1364
Fichiers enpaquetés : 11295
Virus trouvés : 1
Fichiers infectés : 2
Processus Mémoire infectés : 0
Fichiers suspects : 1
Alertes : 0
Fichiers désinfectés : 0
Fichiers effacés : 0
Fichiers déplacés : 2
Erreurs I/O : 44
Temps d'analyse :=00:21:30
Fichiers/seconde :105

Statistiques Spywares

Registres analysés : 1707
Registres infectés : 0
Cookies analysés : 163
Cookies infectés : 0
Fichiers spyware infectés : 0
Menaces Spyware détectées : 0

Définitions virus : 270650996
Plugins d'analyse : 16
Plugins archives : 41
Plug-ins décompression : 6
Plug-ins messagerie : 6
Plug-ins système : 5

Options d'analyse

Détection
[X] Analyser le secteur de boot
[X] Processus mémoire
[X] Analyser les archives
[X] Analyser les fichiers enpaquetés
[X] Analyser la messagerie

Masque fichiers
[ ] Programmes
[X] Tous les fichiers
[ ] Extensions définies par l'utilisateur:
[ ] Exclure les extensions: ;

Action

Objets infectés
[ ] Ignorer
[X] Désinfecter
[ ] Effacer
[ ] Mettre en quarantaine
[ ] Demander l'action

Seconde action
[ ] Ignorer
[ ] Effacer
[X] Mettre en quarantaine
[ ] Demander l'action

Options d'analyse
[X] Activer les alertes
[X] Activer l'heuristique
[ ] Afficher tous les fichiers dans le journal
[X] Fichier journal: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1173252092.log

Options d'analyse Spyware

[X] Analyse contre les risques non-viraux
[ ] Ecarter de l'analyse les dialers et les applications
[X] Clés de registres
[X] Cookies

Résumé:

C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00002.dll Infecté: Trojan.PWS.Sinowal.V
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00002.dll Désinfection impossible
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00002.dll Déplacé
C:\Program Files\Softwin\BitDefender10\Quarantine\ibm00002.dll Infecté: Trojan.PWS.Sinowal.V
C:\Program Files\Softwin\BitDefender10\Quarantine\ibm00002.dll Désinfection impossible
C:\Program Files\Softwin\BitDefender10\Quarantine\ibm00002.dll Déplacé
C:\WINDOWS\system32\koos.exe.bd.ren Suspect: Generic.Malware.M!dldg.D331B341
Configuration: Windows XP
Internet Explorer 6.0

9 réponses

  1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Salut

    Fais ce qui suit
    Stp
    merci

    C - Ccleaner : (nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc.)
    Télécharge ici :
    https://www.ccleaner.com/ccleaner/download
    Tutorial ici:
    https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
    ET
    http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

    D – Ewido – AVG
    AVG Anti-Spyware :
    https://www.avg.com/en-ww/free-antivirus-download
    Tu l'installes.
    Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente!

    Lance AVG Anti-Spyware

    Clique sur le bouton Analyse (de la barre d'outils)

    Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.

    Reviens à l'onglet Analyse.

    Clique sur Analyse complète du système.
    /!\ Si un fichier est infecté en fin d'analyse /!\

    choisis l'option " Appliquer toutes les actions " en bas.
    Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
    Enregistre ce fichier texte sur ton bureau.
    Copie/colle le rapport

    F - Hijackthis - Outil de diagnostic et réparation

    Télécharge la version française ici:

    hijackthis

    Dézippe (Clik droit dessus et choisis extraire tout) le dans un dossier prévu à cet effet.

    Par exemple C:\hijackthis < Enregistre le bien dans c : !
    Démo (merci à Balltrap) :
    installation hijackthis
    http://pageperso.aol.fr/balltrap34/Hijenr.gif

    Lance le puis:
    clique sur "faire un scan et sauvegarder le log" (cf. démo)
    faire un copier coller du log entier sur le forum

    Démo : (merci à balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/demohijack.htm

    Bon courage

    A++
    0
  2. lionelsoni Messages postés 9 Statut Membre
     
    merci marie, voila mon rapport, c super bien expliké pour le deziipage merci

    Logfile of HijackThis v1.99.1
    Scan saved at 09:39:36, on 07/03/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\hijack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O18 - Protocol: bw+0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
    0
  3. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Il n'est pas à jour ton windows !!

    Démarrer,
    Tous les programmes
    Windows Ypdate

    Tu suis les recommandations

    Tiens moi au courant

    A++

    0
    1. lionelsoni Messages postés 9 Statut Membre
       
      mais y a un prob concernant mon windows...
      0
  4. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Lol

    Ok je repasse...

    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Bonjour,

    Méthode à suivre dans l'ordre...
    ----------------------------------------------------------------------------
    Télécharger ces logiciels (sauf si tu les as)
    A utiliser plus tard

    A - ad-aware version 1.06
    (ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
    voir demo
    http://pageperso.aol.fr/balltrap34/adwseflash.zip

    B - spybot version 1.4
    (ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
    voir demo d utilisation
    http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

    C - Ccleaner : ( nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc..)
    Télécharge ici :
    https://www.ccleaner.com/ccleaner/download
    Tutorial ici:
    https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

    D - Ewido
    https://www.malekal.com/tutorial-et-guide-ewido-v4/
    ----------------------------------------------------------------------------
    ¤Affiche tous les fichiers et dossiers :
    Clique sur démarrer/panneau de configuration/outil/option des dossiers/affichage

    Coche « afficher les fichiers et dossiers cachés »

    Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

    Décoche « masquer les extensions dont le type est connu »
    Puis fais «Ok» pour valider les changements.

    Et appliquer !
    =================================

    Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" –osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/

    ============ ============================
    ¤Démarre en mode sans échec :
    Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
    Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
    (Si F8 ne marche pas utilise la touche F5).
    ----------------------------------------------------------------------------
    ¤Vide tes fichiers temps et temporary internet file:

    Maintenant tu lances
    A/ Ad-Aware supprime quarantaine
    B/ Spybot Supprime quarantaine
    C/ Ccleaner
    D/ Ewido Copier/coller le rapport

    ----------------------------------------------------------------------------
    ¤ Vide ta Corbeille.
    ----------------------------------------------------------------------------
    ¤ Redémarre en mode normal, relance Hijackthis et copie/colle un nouveau rapport sur le forum.

    Tiens nous au courant

    A+

    0
  7. lionelsoni Messages postés 9 Statut Membre
     
    ok chef , je v faire ca dans l ordre, je te collerai un rapport... merci encore pour tout :)
    0
  8. lionelsoni Messages postés 9 Statut Membre
     
    c fait marie...

    Logfile of HijackThis v1.99.1
    Scan saved at 17:27:11, on 07/03/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\hijack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O18 - Protocol: bw+0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {FB28F634-42C4-4552-8687-BA5D29EA63D8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
    0
  9. lionelsoni Messages postés 9 Statut Membre
     
    et le rapport de avg j avais oublié

    C:\WINDOWS\system32\koos.exe.bd.ren -> Proxy.Wopla.ag : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\kprof.bd.ren -> Proxy.Wopla.ag : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\poof.bd.ren -> Proxy.Wopla.ag : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\Softwin\BitDefender10\Quarantine\ibm00002.dll -> Trojan.Sinowal.co : Nettoyé et sauvegardé (mise en quarantaine).

    Fin du rapport
    0
  10. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Où en sont tes soucis ??

    0