Virus host trojan dans le système 32

mado163 Messages postés 22 Statut Membre -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
bonjour j'ai un petit soucis le virus host trojan c'est invité dans l'ordi de mon frere dans C:/windows/systeme 32/drivers.
nous sommes pas tres doués en informatique.
merci
Configuration: Windows XP
Internet Explorer 7.0

10 réponses

  1. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    slt,
    colle un rapport hijackthis

    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

    manuel :

    https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

    Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

    ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

    Ensuite avec Explorer créer un dossier c:\hijackthis
    Décompresser Hijackthis dans ce dossier.
    C'est important pour les sauvegardes."

    ___________________

    AVG antispyware

    https://www.01net.com/telecharger/

    Tuto :
    http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

    ->Relance AVG AS -> "Analyse" ->"Paramètres"

    Sous la question "Comment réagir ?" :

    -> clique sur "Actions recommandées" et choisis "Quarantaines"
    -> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

    Si un fichier est infecté en fin d'analyse

    ->Clique sur "Appliquer toutes les actions "

    ->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".

    ->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici
    0
  2. mado163 Messages postés 22 Statut Membre
     
    coucou
    je suis paumé je comprend pas comment faire pour renommer fichier hijackthis je suis vraiment tres nul en info
    0
  3. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    colle le tant pis non renommé on verra
    0
  4. mado163 Messages postés 22 Statut Membre
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:45:51, on 30/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\PROGRA~1\CONTRO~1\bin\optgui.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
    C:\WINDOWS\system32\lssas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\eMule\Weflirt\weflirt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
    C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
    C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
    C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
    C:\Program Files\Controle Parental\bin\optproxy.exe
    C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
    C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Logitech\QuickCam10\COCIManager.exe
    C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
    C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
    R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
    R3 - URLSearchHook: Secured_eMule Toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSec1.dll
    R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
    O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: Secured_eMule Toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSec1.dll
    O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
    O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
    O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
    O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Secured_eMule Toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSec1.dll
    O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Eac_Rvndl] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\EACDownload\RAVEN_~1.EXE -k
    O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [My Search Bar Eq] "C:\Program Files\MySearch\bar\s4bareq.exe" /r
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [DefensedInformation] "C:\Program Files\DefensedInformation\GDC.exe"
    O4 - HKLM\..\Run: [ugdccw] "C:\PROGRA~1\DEFENS~1\UGDCcw.exe" -start
    O4 - HKLM\..\Run: [Salestart(1)] "C:\Program Files\Fichiers communs\DefenseNetSurfage\mc.exe" dm=http://defensenetsurfage.com; ad=http://defensenetsurfage.com
    O4 - HKLM\..\Run: [DefenseNetSurfage] "C:\Program Files\DefensedInformation\GDC.exe"
    O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\system32\lssas.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [DefensedInformation] C:\Program Files\DefensedInformation\GDC.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Weflirt] "C:\Program Files\eMule\Weflirt\weflirt.exe" -background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DefenseNetSurfage] C:\Program Files\DefensedInformation\GDC.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Registration .LNK = ?
    O4 - Startup: vdckaqv.exe
    O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Save Image - res://E:\bin\PictureAceLite.exe/130
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O9 - Extra button: (no name) - {BC8FABCD-8649-4eef-89DB-C012144ADFB1} - E:\bin\PictureAceLite.exe (HKCU)
    O9 - Extra 'Tools' menuitem: Picture Ace Lite - {BC8FABCD-8649-4eef-89DB-C012144ADFB1} - E:\bin\PictureAceLite.exe (HKCU)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{12EB20F7-664E-463F-A808-35FBF131F5D9}: NameServer = 85.255.115.156,85.255.112.172
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1597BE51-0260-49E7-A34C-C5EA1B0FDCEF}: NameServer = 85.255.115.156,85.255.112.172
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.156 85.255.112.172
    O17 - HKLM\System\CS1\Services\Tcpip\..\{12EB20F7-664E-463F-A808-35FBF131F5D9}: NameServer = 85.255.115.156,85.255.112.172
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.156 85.255.112.172
    O17 - HKLM\System\CS2\Services\Tcpip\..\{12EB20F7-664E-463F-A808-35FBF131F5D9}: NameServer = 85.255.115.156,85.255.112.172
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.156 85.255.112.172
    O18 - Protocol: bw+0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O22 - SharedTaskScheduler: decompoundly - {7dfa04a9-5e60-458b-ace4-4a7613504e8d} - C:\WINDOWS\system32\itdtjjf.dll (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. mado163 Messages postés 22 Statut Membre
     
    vous avez vu l'analyse
    je l'ai fais correctement?
    0
  7. mado163 Messages postés 22 Statut Membre
     
    je dois partir je reviens plus tard. merci
    0
  8. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    oui c'est bon tu es redirigé en ukraine

    peux tu avant de partir faire ceci:

    * Télécharge FixWareout d'un de ces deux sites sur le bureau:
    http://downloads.subratam.org/Fixwareout.exe
    http://swandog46.geekstogo.com/Fixwareout.exe

    * Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
    Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.

    *Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt) avec un nouveau rapport HijackThis! dans ta prochaine réponse.
    0
  9. mado163 Messages postés 22 Statut Membre
     
    bonjour desoler pour hier j'étais déjà parti.
    voilà le rapport.

    Username "Propri‚taire" - 30/12/2007 20:54:27 [Fixwareout edited 9/01/2007]

    ~~~~~ Prerun check

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
    "nameserver"="85.255.115.156 85.255.112.172" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{12EB20F7-664E-463F-A808-35FBF131F5D9}
    "nameserver"="85.255.115.156,85.255.112.172" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{1597BE51-0260-49E7-A34C-C5EA1B0FDCEF}
    "nameserver"="85.255.115.156,85.255.112.172" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{1597BE51-0260-49E7-A34C-C5EA1B0FDCEF}
    "DhcpNameServer"="85.255.115.156,85.255.112.172" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{9A73D2D4-CE5C-4FAB-8D3C-8E2767E772DF}
    "DhcpNameServer"="85.255.115.156,85.255.112.172" <Value cleared.

    Cache de résolution DNS vidé.

    System was rebooted successfully.

    ~~~~~ Postrun check
    HKLM\SOFTWARE\~\Winlogon\ "System"=""
    ....
    ....
    ~~~~~ Misc files.
    ....
    ~~~~~ Checking for older varients.
    ....

    ~~~~~ Current runs (hklm hkcu "run" Keys Only)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"="SOUNDMAN.EXE"
    "NVMixerTray"="\"C:\\Program Files\\NVIDIA Corporation\\NvMixer\\NVMixerTray.exe\""
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "Eac_Rvndl"="C:\\DOCUME~1\\PROPRI~1\\LOCALS~1\\Temp\\EACDownload\\RAVEN_~1.EXE -k"
    "Device Detector"="\"C:\\Program Files\\Fichiers communs\\ACD Systems\\FR\\DevDetect.exe\" -autorun"
    "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
    "TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
    "WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
    "WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\GestMaj.exe TaskBarIcon.exe"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
    "My Search Bar Eq"="\"C:\\Program Files\\MySearch\\bar\\s4bareq.exe\" /r"
    "F-Secure Manager"="\"C:\\Program Files\\AntivirusFirewall\\Common\\FSM32.EXE\" /splash"
    "F-Secure TNB"="\"C:\\Program Files\\AntivirusFirewall\\TNB\\TNBUtil.exe\" /CHECKALL /WAITFORSW"
    "F-Secure Startup Wizard"="\"C:\\Program Files\\AntivirusFirewall\\FSGUI\\FSSW.EXE\" /reboot"
    "News Service"="\"C:\\Program Files\\AntivirusFirewall\\FSGUI\\ispnews.exe\""
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "SweetIM"="C:\\Program Files\\Macrogaming\\SweetIM\\SweetIM.exe"
    "DefensedInformation"="\"C:\\Program Files\\DefensedInformation\\GDC.exe\""
    "ugdccw"="\"C:\\PROGRA~1\\DEFENS~1\\UGDCcw.exe\" -start"
    "Salestart(1)"="\"C:\\Program Files\\Fichiers communs\\DefenseNetSurfage\\mc.exe\" dm=http://defensenetsurfage.com; ad=http://defensenetsurfage.com"
    "DefenseNetSurfage"="\"C:\\Program Files\\DefensedInformation\\GDC.exe\""
    "OPTENET_GUI"="C:\\PROGRA~1\\CONTRO~1\\bin\\optgui.exe"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_02\\bin\\jusched.exe\""
    "LogitechCommunicationsManager"="\"C:\\Program Files\\Fichiers communs\\Logitech\\LComMgr\\Communications_Helper.exe\""
    "LogitechQuickCamRibbon"="\"C:\\Program Files\\Logitech\\QuickCam10\\QuickCam10.exe\" /hide"
    "LVCOMSX"="\"C:\\Program Files\\Fichiers communs\\Logitech\\LComMgr\\LVComSX.exe\""
    "Local Security Authority Service"="C:\\WINDOWS\\system32\\lssas.exe"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "WOOKIT"="C:\\Program Files\\Wanadoo\\Shell.exe appLaunchClientZone.shl|PARAM= cnx"
    "IncrediMail"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe /c"
    "SweetIM"="C:\\Program Files\\Macrogaming\\SweetIM\\SweetIM.exe"
    "DefensedInformation"="C:\\Program Files\\DefensedInformation\\GDC.exe"
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
    "Weflirt"="\"C:\\Program Files\\eMule\\Weflirt\\weflirt.exe\" -background"
    "msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
    "DefenseNetSurfage"="C:\\Program Files\\DefensedInformation\\GDC.exe"
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "Steam"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"
    "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
    ....
    Hosts file was reset, If you use a custom hosts file please replace it...
    ~~~~~ End report ~~~~~
    0
  10. mado163 Messages postés 22 Statut Membre
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:05:56, on 31/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\PROGRA~1\DEFENS~1\UGDCcw.exe
    C:\PROGRA~1\CONTRO~1\bin\optgui.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
    C:\WINDOWS\system32\lssas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\eMule\Weflirt\weflirt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
    C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
    C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
    C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
    C:\Program Files\Controle Parental\bin\optproxy.exe
    C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
    C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Logitech\QuickCam10\COCIManager.exe
    C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
    R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
    R3 - URLSearchHook: Secured_eMule Toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSec1.dll
    R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
    O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: Secured_eMule Toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSec1.dll
    O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
    O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
    O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
    O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Secured_eMule Toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSec1.dll
    O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Eac_Rvndl] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\EACDownload\RAVEN_~1.EXE -k
    O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [My Search Bar Eq] "C:\Program Files\MySearch\bar\s4bareq.exe" /r
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [DefensedInformation] "C:\Program Files\DefensedInformation\GDC.exe"
    O4 - HKLM\..\Run: [ugdccw] "C:\PROGRA~1\DEFENS~1\UGDCcw.exe" -start
    O4 - HKLM\..\Run: [Salestart(1)] "C:\Program Files\Fichiers communs\DefenseNetSurfage\mc.exe" dm=http://defensenetsurfage.com; ad=http://defensenetsurfage.com
    O4 - HKLM\..\Run: [DefenseNetSurfage] "C:\Program Files\DefensedInformation\GDC.exe"
    O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\system32\lssas.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [DefensedInformation] C:\Program Files\DefensedInformation\GDC.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Weflirt] "C:\Program Files\eMule\Weflirt\weflirt.exe" -background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DefenseNetSurfage] C:\Program Files\DefensedInformation\GDC.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Registration .LNK = ?
    O4 - Startup: vdckaqv.exe
    O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Save Image - res://E:\bin\PictureAceLite.exe/130
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O9 - Extra button: (no name) - {BC8FABCD-8649-4eef-89DB-C012144ADFB1} - E:\bin\PictureAceLite.exe (HKCU)
    O9 - Extra 'Tools' menuitem: Picture Ace Lite - {BC8FABCD-8649-4eef-89DB-C012144ADFB1} - E:\bin\PictureAceLite.exe (HKCU)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: bw+0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {B429DC63-A8C6-4C5E-AF89-A56D6966C0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O22 - SharedTaskScheduler: decompoundly - {7dfa04a9-5e60-458b-ace4-4a7613504e8d} - C:\WINDOWS\system32\itdtjjf.dll (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    0
  11. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    desisntalle via ton panneau de configuration:

    SweetIM
    Multi Media France Toolbar

    _________________
    lance (cwshredder (faire fix)
    https://www.01net.com/actualites/

    _______________

    colle un rapport avg antispyware comme indiqué
    plus haut

    et un rapport bitdefender en ligne

    https://bitdefender.solutions-antivirus.com/scan8/ie.html

    _________________

    reclle un rapport hijakthis et dis tes soucis
    0