Virus

Résolu
christaline92 Messages postés 29 Statut Membre -  
christaline92 Messages postés 29 Statut Membre -
SLT

j'ai probleme de virus qui envoy des mail de mon pc
impossile de le trouver avec avast ou antivir

help SVP

Logfile of HijackThis v1.99.1
Scan saved at 23:46:59, on 10/04/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\cmd.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
c:\fix\fixblast2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\HPZinw12.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Windows Autoupdate] c:\fix\fix.bat
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Startup: Weezo.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ntwldcberyysf.dll
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6DA58309-86A0-45A8-A485-72AF641FB4BE}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Configuration: Windows XP
Firefox 2.0.0.3

28 réponses

  • 1
  • 2
  1. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    * Télécharge LSPfix
    http://www.cexx.org/LSPFix.exe

    * Lance LSPfix
    * Déconnecte-toi d'Internet et ferme toutes les fenêtres d'Internet Explorer.
    * Coche la case "I know what I'm doing"
    * Sélectionne l'instance de la dll suivante (celle ci et pas une autre, sinon ferme LSPfix) :

    ntwldcberyysf.dll

    * fais les glisser du panneau de gauche "keep" au panneau de droite "Remove".
    Clique sur le bouton "Finish".
    (Si elles sont déjà dans le panneau "Remove" alors clique directement sur le bouton "Finish".)

    reposte un nouveau rapport hijackthis
    0
  2. christaline92 Messages postés 29 Statut Membre
     
    voila

    Logfile of HijackThis v1.99.1
    Scan saved at 07:04:41, on 11/04/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\System32\HPZinw12.exe
    C:\Program Files\Windows NT\Accessoires\wordpad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - Startup: Weezo.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6DA58309-86A0-45A8-A485-72AF641FB4BE}: NameServer = 192.168.1.1
    O18 - Protocol: bw+0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  3. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonjour,

    désactive l'un des 2 antivirus, antivir ou avast. il ne faut pas garder les 2 en résident
    ensuite

    * Fait un scan antivirus en ligne
    https://www.bitdefender.fr/
    et copie colle le résultat ici
    * En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
    * Dans la nouvelle fenêtre, clique sur I agree
    * La fenêtre change encore, clique sur Click here to scan
    * Les signatures se chargent, etc.

    tuto en image

    http://pageperso.aol.fr/rginformatique/mapage/defender.htm

    0
  4. christaline92 Messages postés 29 Statut Membre
     
    Un petit problème
    Détection de plusieurs virus mais redémarrage du pc
    Pas pu coller rapport
    Je recommence l'opération
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    ok
    0
    1. Jamila_ms
       
      désolé mais c un message pour Philae83:
      est ce que tu peux voir mon pb svp (voir le message de jamila_ms)
      MERCI
      0
      1. philae83 Messages postés 12854 Statut Contributeur sécurité 206 > Jamila_ms
         
        bonsoir, j'y vais.
        0
  7. christaline92 Messages postés 29 Statut Membre
     
    Voila mon dernier rapport

    BitDefender Online Scanner - Rapport virus en temps réel

    Généré à: Thu, Apr 12, 2007 - 07:05:14

    Info d'analyse

    Fichiers scannés

    1069792

    Infectés Fichiers 4

    Virus Détectés

    Generic.Botget.128FFF46 1

    Trojan.Peed.Gen 1

    Trojan.Vqten.A 1

    Trojan.Inject.BA 1
    0
  8. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonjour,

    le rapport n'est pas complet, me manque les chemins des malwares, ainsi que l'action faite par bitdefender....
    0
  9. christaline92 Messages postés 29 Statut Membre
     
    AH
    je n'ai pas garder de copie.
    En plus je viens de me rendre compte que j'ai perdu mes imprimante
    et que quand je veux les reinstaller il me dit "impossible de terminer cette operation "

    dois je refaire bigdefender?
    0
  10. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    oui il serait bien que tu refasses un scan, mais peut être qu'il ne trouvera plus rien si il a tout nettoyé. Refait le quand même stp poste le rapport complet. Il faut le chemin des fichiers infectés et l'action réalisée

    0
  11. christaline92 Messages postés 29 Statut Membre
     
    voila

    BitDefender Online Scanner

    Rapport d'analyse généré à: Thu, Apr 12, 2007 - 23:34:24

    Voie d'analyse: A:\;C:\;D:\;E:\;G:\;

    Statistiques

    Temps

    01:49:40

    Fichiers

    510835

    Directoires

    5215

    Secteurs de boot

    4

    Archives

    9845

    Paquets programmes

    65972

    Résultats

    Virus identifiés

    1

    Fichiers infectés

    1

    Fichiers suspects

    0

    Avertissements

    0

    Désinfectés

    0

    Fichiers effacés

    1

    Info sur les moteurs

    Définition virus

    485660

    Version des moteurs

    AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

    Analyse des plugins

    14

    Archive des plugins

    38

    Unpack des plugins

    6

    E-mail plugins

    6

    Système plugins

    1

    Paramètres d'analyse

    Première action

    Désinfecté

    Seconde Action

    Supprimé

    Heuristique

    Oui

    Acceptez les avertissements

    Oui

    Extensions analysées

    *;

    Excludez les extensions

    Analyse d'emails

    Oui

    Analyse des Archives

    Oui

    Analyser paquets programmes

    Oui

    Analyse des fichiers

    Oui

    Analyse de boot

    Oui

    Fichier analysé

    Statut

    C:\System Volume Information\_restore{31DBB293-7699-4F23-856A-E3AE0FF67570}\RP1232\A0130135.exe

    Infecté par: Trojan.Peed.LY

    C:\System Volume Information\_restore{31DBB293-7699-4F23-856A-E3AE0FF67570}\RP1232\A0130135.exe

    Echec de la désinfection

    C:\System Volume Information\_restore{31DBB293-7699-4F23-856A-E3AE0FF67570}\RP1232\A0130135.exe

    Supprimé
    0
  12. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    re

    reposte maintenant un nouveau rapport hijackthis stp
    0
  13. christaline92 Messages postés 29 Statut Membre
     
    voila
    mais mon problème set toujours la.

    Logfile of HijackThis v1.99.1
    Scan saved at 18:43:10, on 13/04/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avcenter.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avscan.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6DA58309-86A0-45A8-A485-72AF641FB4BE}: NameServer = 192.168.1.1
    O18 - Protocol: bw+0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {083C729A-3B10-426B-BA5F-09ED37AB58CD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  14. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    re

    désactive l'un des 2 antivirus antivir ou avast.

    * fait un scan antivirus avec AVG AS et poste le rapport ici ensuite

    0
  15. christaline92 Messages postés 29 Statut Membre
     
    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 10:35:53 14/04/2007

    + Résultat de l'analyse:

    Rien à signaler.

    Fin du rapport
    0
  16. christaline92 Messages postés 29 Statut Membre
     
    bonjour
    antivir me détecte a chaque redemarage totour.exe
    je le transfert en quarantaine mais il revient
    0
  17. christaline92 Messages postés 29 Statut Membre
     
    AntiVir PersonalEdition Classic
    Report file date: samedi 14 avril 2007 11:45

    Scanning for 569934 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 1) [5.1.2600]
    Username: Propriétaire
    Computer name: BUREAU

    Version information:
    BUILD.DAT : 217 12749 Bytes 05/12/2006 17:00:00
    AVSCAN.EXE : 7.0.3.2 208936 Bytes 05/12/2006 14:30:07
    AVSCAN.DLL : 7.0.3.1 35880 Bytes 05/12/2006 15:00:22
    LUKE.DLL : 7.0.3.2 143400 Bytes 31/10/2006 15:07:46
    LUKERES.DLL : 7.0.2.0 9256 Bytes 05/12/2006 15:00:22
    ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 14:30:06
    ANTIVIR1.VDF : 6.36.1.24 2212864 Bytes 14/11/2006 08:12:08
    ANTIVIR2.VDF : 6.36.1.113 221696 Bytes 01/12/2006 08:12:12
    ANTIVIR3.VDF : 6.37.0.3 6144 Bytes 01/12/2006 08:12:14
    AVEWIN32.DLL : 7.3.0.15 1982976 Bytes 04/12/2006 16:18:38
    AVPREF.DLL : 7.0.2.0 23592 Bytes 03/11/2006 09:53:44
    AVREP.DLL : 6.37.0.3 983080 Bytes 01/12/2006 08:05:52
    AVRPBASE.DLL : 7.0.0.0 2162728 Bytes 30/03/2006 07:43:31
    AVPACK32.DLL : 7.2.0.5 368680 Bytes 23/10/2006 14:21:31
    AVREG.DLL : 7.0.1.1 30760 Bytes 23/10/2006 09:52:27
    NETNT.DLL : No Information!
    RCIMAGE.DLL : 7.0.1.3 2097192 Bytes 08/11/2006 11:26:26
    RCTEXT.DLL : 7.0.12.1 77864 Bytes 05/12/2006 15:00:21

    Configuration settings for the scan:
    Jobname..........................: Local Drives
    Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: G:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium
    Expanded search settings.........: 0x00007000

    Start of the scan: samedi 14 avril 2007 11:45

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Modules have been scanned
    Scan process 'avcenter.exe' - '1' Modules have been scanned
    Scan process 'ashMaiSv.exe' - '0' Modules have been scanned
    Scan process 'ashWebSv.exe' - '0' Modules have been scanned
    Scan process 'vsmon.exe' - '0' Modules have been scanned
    Scan process 'wdfmgr.exe' - '0' Modules have been scanned
    Scan process 'svchost.exe' - '0' Modules have been scanned
    Scan process 'pctspk.exe' - '0' Modules have been scanned
    Scan process 'CDAC11BA.EXE' - '0' Modules have been scanned
    Scan process 'guard.exe' - '0' Modules have been scanned
    Scan process 'ashServ.exe' - '0' Modules have been scanned
    Scan process 'aswUpdSv.exe' - '0' Modules have been scanned
    Scan process 'avguard.exe' - '0' Modules have been scanned
    Scan process 'sched.exe' - '0' Modules have been scanned
    Scan process 'alg.exe' - '0' Modules have been scanned
    Scan process 'mpbtn.exe' - '1' Modules have been scanned
    Scan process 'rapimgr.exe' - '1' Modules have been scanned
    Scan process 'Lime.exe' - '1' Modules have been scanned
    Scan process 'wcescomm.exe' - '1' Modules have been scanned
    Scan process 'LimeAlive.exe' - '1' Modules have been scanned
    Scan process 'avgnt.exe' - '1' Modules have been scanned
    Scan process 'zlclient.exe' - '0' Modules have been scanned
    Scan process 'ashDisp.exe' - '1' Modules have been scanned
    Scan process 'DeviceManager.exe' - '1' Modules have been scanned
    Scan process 'qttask.exe' - '1' Modules have been scanned
    Scan process 'Vaderetro_oe.exe' - '1' Modules have been scanned
    Scan process 'jusched.exe' - '1' Modules have been scanned
    Scan process 'explorer.exe' - '1' Modules have been scanned
    Scan process 'svchost.exe' - '0' Modules have been scanned
    Scan process 'svchost.exe' - '0' Modules have been scanned
    Scan process 'svchost.exe' - '0' Modules have been scanned
    Scan process 'svchost.exe' - '0' Modules have been scanned
    Scan process 'lsass.exe' - '0' Modules have been scanned
    Scan process 'services.exe' - '0' Modules have been scanned
    Scan process 'winlogon.exe' - '0' Modules have been scanned
    Scan process 'csrss.exe' - '0' Modules have been scanned
    Scan process 'smss.exe' - '0' Modules have been scanned
    14 processes with 14 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!
    Boot sector 'A:\'
    [NOTE] In the drive 'A:\' no data medium is inserted!

    Starting to scan the registry.
    The registry was scanned ( 17 files ).

    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\system32\drivers\ndis.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <DRV2_VOL1>
    Begin scan in 'A:\' <D:\>
    The path A:\ could not be found!
    Le périphérique n'est pas prêt.

    Begin scan in 'E:\' <A:\>
    The path E:\ could not be found!
    Le périphérique n'est pas prêt.

    Begin scan in 'G:\' <E:\>
    The path G:\ could not be found!
    Le périphérique n'est pas prêt.

    End of the scan: samedi 14 avril 2007 12:37
    Used time: 52:09 min

    The scan has been done completely.

    4638 Scanning directories
    223878 Files were scanned
    0 viruses and/or unwanted programs were found
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    223878 Files not concerned
    1726 Archives were scanned
    2 Warnings
    8 Notes
    0
  18. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    * Assure toi d'avoir accès à tous les fichiers

    -démarrer

    -poste de travail ou autre dossier

    -menu outils

    -options de dossier

    -onglet affichage

    puis

    - activer la case : Afficher les fichiers et dossiers cachés

    - désactiver la case : Masquer les extensions des fichiers dont le type est connu

    - désactiver la case : Masquer les fichier protégés du système d'exploitation

    Puis - Appliquer
    te dit moi si tu trouves

    C:/windows/system32/totour.exe


    0
  19. christaline92 Messages postés 29 Statut Membre
     
    bonjours

    le probleme est que antivir le trouve et l'envoie en quarantaine a chaque redemarage.
    apres ca je ne le retrouve plus
    par contre juste avant qu'il ne le met en quarantaine il est bien la C:/windows/system32/totour.exe
    0
  20. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    alors j'ai trouvé ceci

    Le fichier ndis.sys situé sur c:\windows\system32\drivers est contaminé. Il réinstalle systématiquement un fichier cp1041.nls sur C:\

    Le remède simple qui semble fonctionner sans problème

    - récupérer un fichier ndis.sys sain (taille 180 ko environ, le corrompu fait 257 ko). On peut aussi dupliquer celui qui est contenu dans c:\windows\system32\dllcache, si il est sain.
    - redémarrer en mode sans échec
    - effacer cp1041.nls sur c:\
    - effacer le ndis.sys corrompu sur c:\windows\system32\drivers
    - placer le nouveau ndis.sys
    - redémarrer en mode normal

    tiens moi au courant
    0
    1. christaline92 Messages postés 29 Statut Membre
       
      bonjour

      Alors pour le virus on dirait que ça marche
      par contre je n'arrive plus a installer mon imprimante.
      0
  21. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    reposte un rapport hijackthis déjà stp
    0
  • 1
  • 2