Unwanted pop-up ads

Solved
tibo6 Posts: 44 Status: Member -
green day Posts: 26722 Status: Moderator, Security contributor -
Good evening
For some time now I have had unwanted ads opening by themselves (antivirus ads, not to mention porn sites).
Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:02:58, on 08/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\SEBASTIEN\Local Settings\Temporary Internet Files\Content.IE5\712SRPTK\HiJackThis_v2[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\akiogygw.dll
O2 - BHO: (no name) - {1F737917-06DA-44ED-8156-944619AECE3F} - C:\WINDOWS\system32\cbxwvus.dll
O2 - BHO: (no name) - {6AAA177C-91EE-4F5E-B2CA-15E1FD6B608e} - C:\WINDOWS\system32\fdsfiiwf.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: (no name) - {DC6F5823-FD3A-4C6B-92A9-527EE14FAD1E} - C:\WINDOWS\system32\jkkig.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\bwegukww.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\lmrbawxx.dll",realset
O4 - HKLM\..\Run: [j7291138] rundll32 C:\WINDOWS\system32\j7291138.dll sook
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe (User 'Default user')
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe
O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe
O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Raccourci vers InterTime.lnk = C:\Program Files\JCA2000\Intertime\InterTime.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E0CFAFE-B031-45B1-892A-B5E2110AD46B}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw+0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw-0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw-0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw00 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw00s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw10 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw10s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw20 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw20s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw30 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw30s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw40 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw40s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw50 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw50s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw60 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw60s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw70 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw70s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw80 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw80s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw90 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bw90s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwa0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwa0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwb0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwb0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwc0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwc0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwd0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwd0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwe0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwe0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwf0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwf0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 -

{9462A756-7B47-47BC-8C80-C34B9B80B3

2B} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\GAPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwg0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwg0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwh0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwh0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwi0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwi0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwj0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwj0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwk0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwk0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwl0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwl0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwm0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwm0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwn0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwn0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwo0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwo0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwp0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwp0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwq0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwq0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwr0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwr0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bws0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bws0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwt0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwt0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwu0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwu0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwv0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwv0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bww0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bww0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwx0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwx0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwy0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwy0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwz0 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: bwz0s -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 -

{DE62E746-3199-456A-9F57-4BDFDC75A8

EC} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugPro

tocol-8876480.dll (file missing)
O20 - Winlogon Notify: cbxwvus - C:\WINDOWS\SYSTEM32\cbxwvus.dll
O20 - Winlogon Notify: jkkig - C:\WINDOWS\system32\jkkig.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

13 replies

tibo6
 
Hello
I get an error message at startup:
[url=https://imageshack.com/][img=http://img294.imageshack.us/img294/2418/erreurnk4.jpg][/url]
I restarted in safe mode and then chose option 2 of Navilog1.
Here is the report:
Clean Navipromo version 2.0.3 commencé le 09/06/2007 à 7:44:38,94

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

Mode suppression automatique avec prise en charge résultats Blacklight



*** fsbl1.txt non trouvé ***
(Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche)


*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


*** Suppression dossiers dans C:\Documents and Settings\SEBASTIEN\Application Data ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\SEBASTIEN\Local Settings\Temp effectué !


*** Sauvegarde du registre vers dossier Backupnavi***


sauvegarde du registre réalise avec succes !


*** Nettoyage registre ***


Nettoyage registre Ok

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche et Suppression Heuristique :

*
**
***
****
*****
******
*******
********

3)Contrôle présence clés Rootkit dans le registre :

Aucune autre clés présente dans le registre !

*** Nettoyage termine le 09/06/2007 à 7:49:17,51 ***

I still have to run CCleaner and then all the rest.

Thanks again for the help, because right now I no longer have any unwanted ads.
See you later
0
tibo6
 
Here is the Ad-Aware report:
Ad-Aware SE Build 1.06r1
Logfile Created on:samedi 9 juin 2007 08:30:24
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R174 04.06.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):4 total references
Tracking Cookie(TAC index:3):6 total references
Virtumonde(TAC index:10):5 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


09-06-2007 08:30:24 - Scan started. (Custom mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 148
ThreadCreationTime : 09-06-2007 06:28:53
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 196
ThreadCreationTime : 09-06-2007 06:29:07
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 220
ThreadCreationTime : 09-06-2007 06:29:09
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 264
ThreadCreationTime : 09-06-2007 06:29:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 276
ThreadCreationTime : 09-06-2007 06:29:15
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 428
ThreadCreationTime : 09-06-2007 06:29:19
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 492
ThreadCreationTime : 09-06-2007 06:29:21
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 552
ThreadCreationTime : 09-06-2007 06:29:22
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 756
ThreadCreationTime : 09-06-2007 06:29:40
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:10 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 836
ThreadCreationTime : 09-06-2007 06:29:58
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Virtumonde Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1f737917-06da-44ed-8156-944619aece3f}

Virtumonde Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{1f737917-06da-44ed-8156-944619aece3f}

Virtumonde Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment : "{1f737917-06da-44ed-8156-944619aece3f}"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\shellexecutehooks
Value : {1f737917-06da-44ed-8156-944619aece3f}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 3


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 3

MRU List Object Recognized!
Location: : C:\Documents and Settings\SEBASTIEN\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-343818398-1682526488-854245398-1003\software\microsoft\office\9.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-343818398-1682526488-854245398-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk



Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sebastien@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:sebastien@www.smartadserver.com/
Expires : 04-06-2027 08:25:18
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sebastien@bluestreak[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:sebastien@bluestreak.com/
Expires : 06-06-2017 04:23:48
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sebastien@overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:sebastien@overture.com/
Expires : 06-06-2017 08:26:06
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sebastien@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:sebastien@doubleclick.net/
Expires : 08-06-2010 08:22:48
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sebastien@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:sebastien@weborama.fr/
Expires : 10-08-2007 08:25:20
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sebastien@atdmt[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:sebastien@atdmt.com/
Expires : 07-06-2012 02:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 13



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Virtumonde Object Recognized!
Type : File
Data : A0628804.dll
TAC Rating : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{64959462-AE9E-42BD-B28D-A6F3927131AB}\RP1003\



Virtumonde Object Recognized!
Type : File
Data : cbxwvus.dll.bad
TAC Rating : 10
Category : Malware
Comment :
Object : C:\VundoFix Backups\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 15


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 15




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 15

09:01:18 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:30:53.845
Objects scanned:220259
Objects identified:11
Objects ignored:0
New critical objects:11

So I still had Virtumonde (malware, according to Ad-Aware).
Yet yesterday I had run virtumondebegone, without success.
What should I do now?
And I still get my error message at startup.
0
tibo6
 
Good evening

I did everything that was laid out in your last message.
Here is the Bitdefender report:

BitDefender Online Scanner

Scan report generated at: Sun, Jun 10, 2007 - 20:01:07

Scan path: A:\;C:\;D:\;E:\;F:\;

Statistics
Time: 02:25:28
Files: 342480
Folders: 12031
Boot Sectors: 4
Archives: 7621
Packed Files: 17492

Results
Identified Viruses: 15
Infected Files: 35
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 32

Engines Info
Virus Definitions: 512795
Engine build: AVCORE v1.0 (build 2409) (i386) (May 9 2007 18:01:21)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\Documents and Settings\SEBASTIEN\.jpi_cache\jar\1.0\OP.jar-17c21238-4f18e424.zip=>OP.class
Infected with: Trojan.Downloader.Java.Openconnection.AP

C:\Documents and Settings\SEBASTIEN\.jpi_cache\jar\1.0\OP.jar-17c21238-4f18e424.zip=>OP.class
Disinfection failed

C:\Documents and Settings\SEBASTIEN\.jpi_cache\jar\1.0\OP.jar-17c21238-4f18e424.zip=>OP.class
Deleted

C:\Documents and Settings\SEBASTIEN\.jpi_cache\jar\1.0\OP.jar-17c21238-4f18e424.zip
Updated

C:\Program Files\Broderbund\Photo Pro\System\Randomize.dll
Infected with: Backdoor.Ralpha.A

C:\Program Files\Broderbund\Photo Pro\System\Randomize.dll
Disinfection failed

C:\Program Files\Broderbund\Photo Pro\System\Randomize.dll
Deleted

C:\System Volume Information\_restore{64959462-AE9E-42BD-B28D-A6F3927131AB}\RP1005\A0629185.dll
Infected with: Backdoor.Ralpha.A

C:\System Volume Information\_restore{64959462-AE9E-42BD-B28D-A6F3927131AB}\RP1005\A0629185.dll
Disinfection failed

C:\System Volume Information\_restore{64959462-AE9E-42BD-B28D-A6F3927131AB}\RP1005\A0629185.dll
Deleted

C:\VundoFix Backups\avrivdsw.dll.bad
Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\avrivdsw.dll.bad
Deleted

C:\VundoFix Backups\dxykqftk.dll.bad
Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\dxykqftk.dll.bad
Deleted

C:\VundoFix Backups\emidmcam.dll.bad
Infected with: MemScan:Trojan.BHO.BM

C:\VundoFix Backups\emidmcam.dll.bad
Disinfection failed

C:\VundoFix Backups\emidmcam.dll.bad
Deleted

C:\VundoFix Backups\gawiqswt.dll.bad
Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\gawiqswt.dll.bad
Deleted

C:\VundoFix Backups\hqpketxy.dll.bad
Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\hqpketxy.dll.bad
Deleted

C:\VundoFix Backups\idlhrfpq.dll.bad
Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\idlhrfpq.dll.bad
Deleted

C:\VundoFix Backups\jkkig.dll.bad
Infected with: MemScan:Trojan.Vundo.AP

C:\VundoFix Backups\jkkig.dll.bad
Disinfection failed

C:\VundoFix Backups\jkkig.dll.bad
Deleted

C:\VundoFix Backups\kvarmfdm.dll.bad
Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\kvarmfdm.dll.bad
Deleted

C:\VundoFix Backups\lmrbawxx.dll.bad
Infected with: GenPack:Trojan.Vundo.DLZ

C:\VundoFix Backups\lmrbawxx.dll.bad
Disinfection failed

C:\VundoFix Backups\lmrbawxx.dll.bad
Deleted

C:\VundoFix Backups\oblrxqpr.dll.bad
Infected with: Trojan.Vundo.AN

C:\VundoFix Backups\oblrxqpr.dll.bad
Disinfection failed

C:\VundoFix Backups\oblrxqpr.dll.bad
Deleted

C:\VundoFix Backups\ovfbmnrs.dll.bad
Infected with: Trojan.Vundo.AN

C:\VundoFix Backups\ovfbmnrs.dll.bad
Disinfection failed

C:\VundoFix Backups\ovfbmnrs.dll.bad
Deleted

C:\VundoFix Backups\rxpmicpx.dll.bad
Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\rxpmicpx.dll.bad
Deleted

C:\VundoFix Backups\wvusrxtx.dll.bad
Infected with: MemScan:Trojan.BHO.BG

C:\VundoFix Backups\wvusrxtx.dll.bad
Disinfection failed

C:\VundoFix Backups\wvusrxtx.dll.bad
Deleted

C:\VundoFix Backups\xfgwttbi.dll.bad
Infected with: Trojan.Vundo.DLP

C:\VundoFix Backups\xfgwttbi.dll.bad
Disinfection failed

C:\VundoFix Backups\xfgwttbi.dll.bad
Deleted

C:\VundoFix Backups\xfnsuydw.dll.bad
Infected with: Trojan.Spy.VBStat.B

C:\VundoFix Backups\xfnsuydw.dll.bad
Deleted

C:\VundoFix Backups\xxpeqowo.dll.bad
Infected with: Trojan.Virtumod.ALZ

C:\VundoFix Backups\xxpeqowo.dll.bad
Disinfection failed

C:\VundoFix Backups\xxpeqowo.dll.bad
Deleted

C:\WINDOWS\system32\akiogygw.dll
Infected with: Trojan.Vundo.AO

C:\WINDOWS\system32\akiogygw.dll
Disinfection failed

C:\WINDOWS\system32\akiogygw.dll
Delete failed

C:\WINDOWS\system32\clolmtwl.dll
Infected with: Trojan.Vundo.AO

C:\WINDOWS\system32\clolmtwl.dll
Disinfection failed

C:\WINDOWS\system32\clolmtwl.dll
Deleted

C:\WINDOWS\system32\ejxknmhp.exe
Infected with: Trojan.LowZones.SA

C:\WINDOWS\system32\ejxknmhp.exe
Disinfection failed

C:\WINDOWS\system32\ejxknmhp.exe
Deleted

C:\WINDOWS\system32\fdsfiiwf.dll
Infected with: Trojan.BHO.AR

C:\WINDOWS\system32\fdsfiiwf.dll
Disinfection failed

C:\WINDOWS\system32\fdsfiiwf.dll
Delete failed

C:\WINDOWS\system32\gdnaupvi.dll
Infected with: Trojan.Vundo.AO

C:\WINDOWS\system32\gdnaupvi.dll
Disinfection failed

C:\WINDOWS\system32\gdnaupvi.dll
Deleted

C:\WINDOWS\system32\gfldowwa.exe
Infected with: Trojan.LowZones.SA

C:\WINDOWS\system32\gfldowwa.exe
Disinfection failed

C:\WINDOWS\system32\gfldowwa.exe
Deleted

C:\WINDOWS\system32\gvptgfrq.dll
Infected with: Trojan.BHO.BP

C:\WINDOWS\system32\gvptgfrq.dll
Disinfection failed

C:\WINDOWS\system32\gvptgfrq.dll
Deleted

C:\WINDOWS\system32\j7291138.dll
Infected with: Trojan.Clicker.Small.YB

C:\WINDOWS\system32\j7291138.dll
Disinfection failed

C:\WINDOWS\system32\j7291138.dll
Delete failed

C:\WINDOWS\system32\jmmjwxqc.dll
Infected with: Trojan.BHO.AR

C:\WINDOWS\system32\jmmjwxqc.dll
Disinfection failed

C:\WINDOWS\system32\jmmjwxqc.dll
Deleted

C:\WINDOWS\system32\oacmgbca.dll
Infected with: Trojan.Vundo.AO

C:\WINDOWS\system32\oacmgbca.dll
Disinfection failed

C:\WINDOWS\system32\oacmgbca.dll
Deleted

C:\WINDOWS\system32\oifvdtdd.exe
Infected with: Trojan.Clicker.Small.YB

C:\WINDOWS\system32\oifvdtdd.exe
Disinfection failed

C:\WINDOWS\system32\oifvdtdd.exe
Deleted

C:\WINDOWS\system32\qfsjxeik.dll
Infected with: Trojan.BHO.AR

C:\WINDOWS\system32\qfsjxeik.dll
Disinfection failed

C:\WINDOWS\system32\qfsjxeik.dll
Deleted

C:\WINDOWS\system32\uinwccpi.dll
Infected with: Trojan.Vundo.AO

C:\WINDOWS\system32\uinwccpi.dll
Disinfection failed

C:\WINDOWS\system32\uinwccpi.dll
Deleted

C:\WINDOWS\system32\uiuoygsd.dll
Infected with: Trojan.Vundo.AO

C:\WINDOWS\system32\uiuoygsd.dll
Disinfection failed

C:\WINDOWS\system32\uiuoygsd.dll
Deleted

C:\WINDOWS\system32\vhrvwmvw.exe
Infected with: Trojan.LowZones.SA

C:\WINDOWS\system32\vhrvwmvw.exe
Disinfection failed

C:\WINDOWS\system32\vhrvwmvw.exe
Deleted

C:\WINDOWS\system32\xpejvmvg.exe
Infected with: Trojan.LowZones.SA

C:\WINDOWS\system32\xpejvmvg.exe
Disinfection failed

C:\WINDOWS\system32\xpejvmvg.exe
Deleted

Since then I no longer have any unwanted ads
0
tibo6
 
Good evening

Can you tell me whether everything is back to normal?

Have a good evening.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:41:11, on 10/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\SEBASTIEN\Mes documents\megret.sebastien\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\akiogygw.dll
O2 - BHO: (no name) - {6AAA177C-91EE-4F5E-B2CA-15E1FD6B608e} - C:\WINDOWS\system32\fdsfiiwf.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: (no name) - {DC6F5823-FD3A-4C6B-92A9-527EE14FAD1E} - C:\WINDOWS\system32\jkkig.dll (file missing)
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\bwegukww.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\lmrbawxx.dll",realset
O4 - HKLM\..\Run: [j7291138] rundll32 C:\WINDOWS\system32\j7291138.dll sook
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe (User 'Default user')
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe
O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe
O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Raccourci vers InterTime.lnk = C:\Program Files\JCA2000\Intertime\InterTime.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E0CFAFE-B031-45B1-892A-B5E2110AD46B}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
0

tibo6
 
Hello

I have Ad-Aware SE Personal Build 1.06r1, and for the firewall it is the Windows XP one that is enabled.
Have a good day.
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
cwshredder (run Fix, not Scan Only)

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/27497.html

then navilog 1:


http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Download to the desktop
Navilog.zip
= Double-click navilog1.zip
= Extract everything to the desktop
= Double-click navilog1, which is on the desktop
= Press a key until you reach the options
= Choose option 1

a report, fixnavi.txt, will be created in C:
copy/paste it into your next message.




= Restart in Safe Mode (startup can take several minutes)
Note: there is no internet access in this mode. Save or print these instructions. Restart the PC and tap the F8 key until the text with the startup choices appears
Using the arrow keys, select Safe Mode ==> Enter ==> your usual user name
= Launch navilog1
= This time choose option 2
= Navilog will do the cleanup; be patient until it shows *** Nettoyage Termine le ..... ***
= A report will be generated on your C:\ which will be for option 2
Note: the desktop disappears

= Restart in normal mode and paste the contents of the navilog report (the option 2 one)


also use this to remove your traces

CCLEANER: (run a cleanup and repair the keys) without installing the Yahoo toolbar
https://www.01net.com/




then:

scan with anti-spyware tools (in Safe Mode):

spybot:

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html

AD AWARE
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html

if everything went well, restart in normal mode and disable System Restore to purge any viruses that may be in it, then re-enable it (in START, then ALL PROGRAMS, then ACCESSORIES, then SYSTEM TOOLS, then SYSTEM RESTORE, then settings)

D/ then run an online scan with one of the following (and paste the report):

Panda online:
http://pandasoftware.fr

Kaspersky online:
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

Bitdefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html
-1
green day Posts: 26722 Status: Moderator, Security contributor 2 163
 
Oops! I hadn't seen that :)

Sorry! I'll leave it to you
-1
green day Posts: 26722 Status: Moderator, Security contributor 2 163
 
Hi

Download VundoFix.exe (by Atribune) to your desktop: http://www.atribune.org/downloads/VundoFix.exe

* Double-click VundoFix.exe to launch it.
* Click the Scan for Vundo button.
* When the scan is complete, click the Remove Vundo button.
* A prompt will ask whether you want to delete the files; click YES
* After you click "YES", the desktop will disappear for a moment while the files are deleted.
* You will see a prompt announcing that your PC is going to shut down ("shutdown"). Click OK
* Start your PC again.
* Copy/paste the content of the report located at C:\vundofix.txt, along with a new HijackThis log, into your next reply on the forum.
-1
jlpjlp Posts: 52399 Status: Security contributor 5 040
 
No, you can if you want, no problem!
-1
tibo6 Posts: 44 Status: Member
 
Good evening

Thanks for your replies.
I tried Navilog1.
Here is the report:
Search Navipromo version 2.0.3 commencé le 08/06/2007 à 19:07:52,93

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***




*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\SEBASTIEN\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of April, 2007.
Version information: 2.2.1061.

[+] Started on 06/08/07 at 19:07:58.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items .....................................................................................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 06/08/07 at 19:22:15 (return code = 0).


*** Recherche fichiers ***




*** Recherche cles registre ***


Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control



*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

C:\WINDOWS\system32\gikkj.ini2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\gikkj.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\gikkj.bak2 trouvé ! infection Vundo possible non traité par cet outil !

2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********


*** Analyse Terminé le 08/06/2007 à 19:22:41,72 ***
See you
-1
jlpjlp Posts: 52399 Status: Security contributor 5 040
 
First, we can already see that you are infected with Vundo

so do the following 3 things

scan with Vundo

Download VundoFix -> http://www.atribune.org/ccount/click.php?id=4

Double-click VundoFix.exe to run it.
When VundoFix opens, click the Scan for Vundo button.
Once the scan has finished, click the Remove Vundo button.
You will get a warning asking whether you want to delete these files; answer by clicking YES
Once you have clicked YES, your desktop will go blank while it removes Vundo.

When it has finished, you will be asked to restart your computer; click OK.

then

VirtumundoBeGone

http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

then the Symantec Vundo Removal Tool

https://www.broadcom.com/support/security-center

then do the rest of what I told you and paste the online scan report
-1
jlpjlp Posts: 52399 Status: Security contributor 5 040
 
Do the following 3 things

scan with Vundo

Download VundoFix -> http://www.atribune.org/ccount/click.php?id=4

Double-click VundoFix.exe to run it.
When VundoFix opens, click the Scan for Vundo button.
Once the scan has finished, click the Remove Vundo button.
You will get a warning asking whether you want to delete these files; answer by clicking YES
Once you have clicked YES, your desktop will go blank while it removes Vundo.

When it has finished, you will be asked to restart your computer; click OK.

then

VirtumundoBeGone

http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

then the Symantec Vundo Removal Tool

https://www.broadcom.com/support/security-center

----------------------- then, most importantly, because otherwise Virtumonde sometimes remains:
then disable System Restore (START, ALL PROGRAMS, then ACCESSORIES, then SYSTEM TOOLS, then RESTORE, disable it in SETTINGS, then re-enable it)

-----------------------
then use RogueRemover

https://www.01net.com/telecharger/

then run an online scan and paste the report

https://www.bitdefender.com/toolbox/
-1
green day Posts: 26722 Status: Moderator, Security contributor 2 163
 
Hi

OK, please post a new HijackThis log

See you
-1
green day Posts: 26722 Status: Moderator, Security contributor 2 163
 
Hi again

# Disable System Restore

* Click the Start button.
* Right-click My Computer, then click Properties.
* On the System Restore tab, select the option Turn off System Restore or Turn off System Restore on all drives


# Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:

O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\akiogygw.dll
O2 - BHO: (no name) - {6AAA177C-91EE-4F5E-B2CA-15E1FD6B608e} - C:\WINDOWS\system32\fdsfiiwf.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: (no name) - {DC6F5823-FD3A-4C6B-92A9-527EE14FAD1E} - C:\WINDOWS\system32\jkkig.dll (file missing)
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\bwegukww.dll

O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\lmrbawxx.dll",realset
O4 - HKLM\..\Run: [j7291138] rundll32 C:\WINDOWS\system32\j7291138.dll sook

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE


O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab

O18 - Protocol: bw+0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

Then please do what is indicated here (only CCleaner + AVG!):

Virus: preliminary disinfection method, French version


Do you have an antivirus or a firewall???

Have a good evening too!

See you
-1
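The fix list in the post above mixes a few distinct entries with dozens of near-identical O18 lines. As an added example (not part of the thread and not code from HijackThis), this Python script parses such lines, groups the O18 protocol handlers by CLSID and attaches review hints; the function names and the three hint rules are assumptions of this example and are prompts for a human reviewer, not verdicts.

```python
import re
from collections import Counter

# Excerpt of the fix list in the post above (lines copied from the thread).
SAMPLE = r"""
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\akiogygw.dll
O2 - BHO: (no name) - {DC6F5823-FD3A-4C6B-92A9-527EE14FAD1E} - C:\WINDOWS\system32\jkkig.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\lmrbawxx.dll",realset
O4 - HKLM\..\Run: [j7291138] rundll32 C:\WINDOWS\system32\j7291138.dll sook
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O18 - Protocol: bw+0 - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {DE62E746-3199-456A-9F57-4BDFDC75A8EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
"""

LINE_RE = re.compile(r"^(O\d+) - ([^:]+): (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
SYSTEM32_DLL = re.compile(r'\\windows\\system32\\[^\\"]+\.dll')
MISSING = "(file missing)"


def parse_line(line):
    """Split one HijackThis 'O' line into section, kind, name, CLSID and target."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    section, kind, rest = m.groups()
    missing = rest.endswith(MISSING)
    if missing:
        rest = rest[: -len(MISSING)].rstrip()
    entry = {"section": section, "kind": kind, "name": None, "clsid": None,
             "target": rest, "missing": missing}
    clsid = CLSID_RE.search(rest)
    if clsid:  # O2 / O16 / O18 layout: name - {CLSID} - file
        head, tail = rest[: clsid.start()], rest[clsid.end():]
        entry["clsid"] = clsid.group(0).upper()
        entry["name"] = head[:-3] if head.endswith(" - ") else head.strip()
        entry["target"] = tail[3:] if tail.startswith(" - ") else tail.strip()
    elif rest.startswith("[") and "] " in rest:  # O4 Run layout: [value name] command
        entry["name"], _, entry["target"] = rest[1:].partition("] ")
    return entry


def review_hints(entry):
    """Return reasons to look at an entry more closely (assumed rules, not verdicts)."""
    hints = []
    target = entry["target"].lower()
    in_system32 = SYSTEM32_DLL.search(target) is not None
    if entry["missing"]:
        hints.append("registered file is missing")
    if entry["section"] == "O2" and entry["name"] == "(no name)" and in_system32:
        hints.append("unnamed BHO loading a DLL from system32")
    if entry["section"] == "O4" and "rundll32" in target and in_system32:
        hints.append("Run key starting a system32 DLL through rundll32")
    return hints


def triage(text):
    """Parse a log excerpt; return (flagged entries, O18 handler count per CLSID)."""
    flagged, protocols = [], Counter()
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        if entry["section"] == "O18":
            protocols[entry["clsid"]] += 1
        hints = review_hints(entry)
        if hints:
            flagged.append((entry["section"], entry["name"], hints))
    return flagged, protocols
```

Run over the full fix list, the per-CLSID count reduces the long O18 run to two handler classes whose DLLs are both reported as missing.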
green day Posts: 26722 Status: Moderator, Security contributor 2 163
 
Hi

Install an antivirus! And a "real" firewall :)

Ad-Aware is an anti-spyware tool!

See here, happy reading!
Security: protecting a computer against internet malware

See you
-1