Desktop disappears, intrusive ads - Vundo?

Solved
zouzou -  
Hello,

For some time now, we have been flooded with intrusive advertising windows as soon as we open our browser. And sometimes the desktop disappears completely; we are then forced to force the computer to shut down, and usually when we turn it back on the desktop is back, at least for a while...
Another small problem: every time we turn the computer back on, we have to use "repair" in the connection status to connect to the internet.
Since we think we're clever, we tried to fix it ourselves: we browsed this forum quite a bit, we ran CCleaner, AVG Anti-Spyware and BitDefender, then VundoFix (which gave us a computer that worked well for a few days), but now it's starting again...
Here is the HijackThis report, thanks for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:02:54, on 23/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [6d9186ee] rundll32.exe "C:\WINDOWS\system32\llojsetl.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: bw+0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

16 replies

noctambule28 (Webmaster, 33382 posts)
 
hi

to start with

find this file and delete it
C:\Program Files\Logitech\Desktop Messenger\

Java is not up to date, so update it:
uninstall it in Add/Remove Programs
and download this version
https://www.java.com/fr/

-----------------------------------
next, you have BitDefender and Norton on your PC??????

so remove one of them... if it's Norton, you need the uninstaller

you will find it here
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/e1422b2508cec946882568c70062bbf8/1168d30686f6fdb080256fe3003757be?OpenDocument

and then this

Download VundoFix.exe (by Atribune) to your Desktop.
http://www.atribune.org/ccount/click.php?id=4
Double-click VundoFix.exe to run it.

Click the Scan for Vundo button.
When the scan is complete, click the Remove Vundo button.
A prompt will ask whether you want to delete the files; click YES.
After you click "Yes", the Desktop will disappear for a moment while the files are being deleted.
You will see a prompt telling you that your PC is going to shut down ("shutdown"); click OK.
Start your PC again.
Copy/paste the report (c:\vundofix.txt) into your reply

see you
zouzou2 (Member, 8 posts)
 
Hi, thanks for your help.
So I have:
- deleted the folder C:\Program Files\Logitech\Desktop Messenger\
- uninstalled then reinstalled Java
- uninstalled Norton
- run VundoFix; here is its report

I get a window that opens at startup saying:
"c:\WINDOWS\system32\llujsetl.dll
Module spécifié introuvable"
I still need to use "repair" in the connection status to connect.
No more intrusive ad windows apparently, thanks :)

VundoFix V6.7.8

Checking Java version...

Scan started at 09:51:09 23/02/2008

Listing files found while scanning....

C:\WINDOWS\system32\stutv.ini
C:\WINDOWS\system32\stutv.ini2
C:\WINDOWS\system32\vtuts.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\stutv.ini
C:\WINDOWS\system32\stutv.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\stutv.ini2
C:\WINDOWS\system32\stutv.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtuts.dll
C:\WINDOWS\system32\vtuts.dll Has been deleted!

Performing Repairs to the registry.
Done!
noctambule28 (Webmaster, 33382 posts)
 
hi

could you post a new HijackThis log, please
zouzou2 (Member, 8 posts)
 
Here is the HijackThis report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:09, on 24/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2E58C789-A2C5-488E-B01D-FD27D5E2E798} - C:\WINDOWS\system32\ssqrs.dll (file missing)
O2 - BHO: (no name) - {64FADF29-4BBB-4E0E-9ABC-B2F5D0B91560} - C:\WINDOWS\system32\pmkji.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {863D9361-9C21-4204-80EB-1BFDF5D30CAE} - C:\WINDOWS\system32\vtuts.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {94204837-0871-4E6A-A426-7F75B1B731F0} - C:\WINDOWS\system32\opnopmk.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {abb62163-e7d2-40e2-a894-da4ee035b718} - C:\WINDOWS\system32\joubnfrh.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [6d9186ee] rundll32.exe "C:\WINDOWS\system32\llojsetl.dll",b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O18 - Protocol: bw+0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

noctambule28 (Webmaster, 33382 posts)
 
Hi,

We'll continue.

Download ComboFix here:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to the desktop.
Have a look here if you want to familiarize yourself with how to use it:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

On your desktop, double-click Combofix.exe.
Press the 1 key so that the program starts running, and follow the on-screen instructions.
During the cleanup you may get a warning telling you that the PC is going to restart; let it.

After the PC restarts, a report will open in Notepad at the end of the scan; copy and paste its entire contents into your next message.
(The report file Combofix.txt is then automatically saved to C:\Combofix.txt)

/!\ For the entire duration of the ComboFix scan (it can take quite a while if the PC is heavily infected), do not open any program and do not browse the web.

See you later
zouzou2 (Member, 8 posts)
 
And here is the ComboFix report...
ComboFix 08-02-25.3 - fabien 2008-02-25 19:40:06.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1389 [GMT 1:00]
Endroit: C:\Documents and Settings\fabien\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\system32\ijkmp.ini
C:\WINDOWS\system32\ijkmp.ini2
D:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-25 to 2008-02-25 ))))))))))))))))))))))))))))))))))))
.

2008-02-23 09:51 . 2008-02-23 09:51 <REP> d-------- C:\VundoFix Backups
2008-02-23 09:25 . 2008-02-23 09:25 <REP> d-------- C:\Program Files\Java
2008-02-23 09:25 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-23 00:55 . 2008-02-23 00:55 <REP> d-------- C:\Program Files\Trend Micro
2008-02-22 22:57 . 2008-02-22 22:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-02-22 22:54 . 2008-02-22 22:54 <REP> d-------- C:\Program Files\Yahoo!
2008-02-22 09:31 . 2008-02-22 09:31 294 ---hs---- C:\WINDOWS\system32\imhbgdyk.ini
2008-02-21 09:13 . 2008-02-22 09:31 354 ---hs---- C:\WINDOWS\system32\gpqtdnxc.ini
2008-02-15 21:00 . 2008-02-23 00:44 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-02-15 13:52 . 2008-02-23 01:11 <REP> d-------- C:\Program Files\Navilog1
2008-02-15 02:22 . 2008-02-15 02:22 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft
2008-02-15 02:22 . 2008-02-15 02:22 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Bitdefender
2008-02-15 01:25 . 2008-02-15 22:10 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-02-14 00:18 . 2008-02-14 00:18 <REP> d-------- C:\Documents and Settings\fabien\Application Data\Bitdefender
2008-02-14 00:05 . 2008-02-14 00:46 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-02-14 00:04 . 2008-02-25 19:37 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-02-13 23:58 . 2008-02-13 23:58 <REP> d-------- C:\Program Files\Softwin
2008-02-13 23:58 . 2008-02-13 23:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-02-13 23:56 . 2008-02-13 23:59 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
2008-02-13 22:27 . 2008-02-13 22:27 <REP> d-------- C:\Documents and Settings\fabien\Application Data\Grisoft
2008-02-13 22:25 . 2008-02-13 22:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-13 22:25 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-13 22:00 . 2008-02-13 22:00 <REP> d-------- C:\Program Files\CCleaner
2008-02-11 22:38 . 2008-02-11 22:38 90,383 --a------ C:\WINDOWS\system32\instdump.dmp
2008-02-11 22:38 . 2008-02-11 22:38 20,879 --a------ C:\WINDOWS\system32\instdump.zip
2008-02-08 23:52 . 2008-02-13 21:44 3,714 ---hs---- C:\WINDOWS\system32\rbslnpsb.ini
2008-02-07 00:16 . 2008-02-08 22:46 1,854 ---hs---- C:\WINDOWS\system32\uhmnnvdb.ini
2008-02-06 18:26 . 2008-02-06 18:26 <REP> d--hs---- C:\Documents and Settings\NetworkService\Temporary Internet Files
2008-02-06 18:26 . 2008-02-07 00:30 <REP> d--hs---- C:\Documents and Settings\NetworkService\Historique
2008-02-06 00:17 . 2008-02-06 15:24 1,494 ---hs---- C:\WINDOWS\system32\wmbtnbuf.ini
2008-02-04 19:18 . 2008-02-06 00:11 1,074 ---hs---- C:\WINDOWS\system32\bilyjpko.ini
2008-01-26 22:36 . 2008-01-26 22:36 <REP> d--h----- C:\WINDOWS\PIF

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 18:32 --------- d-----w C:\Documents and Settings\fabien\Application Data\OpenOffice.org2
2008-02-25 17:27 31,468 ----a-w C:\Documents and Settings\fabien\Application Data\wklnhst.dat
2008-02-23 08:40 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-02-23 08:17 --------- d-----w C:\Program Files\Logitech
2008-02-20 23:35 --------- d-----w C:\Documents and Settings\fabien\Application Data\BitTorrent
2008-01-27 13:31 --------- d-----w C:\Program Files\BitTorrent
2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-01-09 14:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2008-01-03 07:38 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-01-03 07:35 --------- d-----w C:\Program Files\OpenOffice.org 2.3 Installation Files
2008-01-02 17:45 --------- d-----w C:\Program Files\Livret scolaire départemental Cycle 3
2007-12-19 22:53 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-08 05:08 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-07 00:47 474,624 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-12-07 00:47 152,064 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-12-07 00:47 1,499,648 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-12-07 00:47 1,056,768 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-12-07 00:47 1,024,512 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:41 550,912 ------w C:\WINDOWS\system32\dllcache\oleaut32.dll
2005-09-24 06:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2E58C789-A2C5-488E-B01D-FD27D5E2E798}]
C:\WINDOWS\system32\ssqrs.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{64FADF29-4BBB-4E0E-9ABC-B2F5D0B91560}]
C:\WINDOWS\system32\pmkji.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{863D9361-9C21-4204-80EB-1BFDF5D30CAE}]
C:\WINDOWS\system32\vtuts.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{abb62163-e7d2-40e2-a894-da4ee035b718}]
C:\WINDOWS\system32\joubnfrh.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-25 05:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-05 15:13 68856]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 20:34 64512]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 21:58 458752]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-22 21:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-22 21:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-22 21:17 118784]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 16:02 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 06:22 794713]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-07-19 14:14 102400]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11 49152]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 10:33 163840]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 09:50 40960]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 09:23 1187840]
"Reminder"="C:\Windows\CREATOR\Remind_XP.exe" [2006-02-09 08:52 643072]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 00:03 284184]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 20:58 746520]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 07:38 241664]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-03 00:28 185632]
"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2006-12-15 18:23 139264]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-04-02 16:48 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
"LVCOMSX"="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-15 21:01 244512]
"6d9186ee"="C:\WINDOWS\system32\llojsetl.dll" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-25 05:00 15360]

C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 08:39:30 73728]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\6d9186ee]
C:\WINDOWS\system32\pjddlfyh.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\mqsvc.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=

R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-03 16:55:12 C:\WINDOWS\Tasks\Connexion facile à Internet.job"
- C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exef/remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-25 19:41:14
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ???pP??????`?@?????L?@

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\sockspy.dll

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\WINDOWS\system32\sockspy.dll
.
Temps d'accomplissement: 2008-02-25 19:41:48
ComboFix-quarantined-files.txt 2008-02-25 18:41:45
.
2008-02-15 21:10:41 --- E O F ---
noctambule28 (Webmaster, 33382 posts)

Hi,

Before working on your ComboFix report, I would like this one as well.

Download VirtumundoBeGone to the desktop:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

Then double-click VirtumundoBeGone.exe and follow the instructions.
Once it has finished, restart and post the VBG.TXT report created on the desktop in your next reply, along with a new HijackThis report.

Don't worry if you see a blue-screen "Fatal error" message; it is normal and expected.

See you later
zouzou2 (Member, 8 posts)

Here is the VirtumundoBeGone report.

[02/15/2008, 2:18:50] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\fabien\Temporary Internet Files\Content.IE5\IZMX6LX5\VirtumundoBeGone[1].exe" )
[02/15/2008, 2:19:01] - Detected System Information:
[02/15/2008, 2:19:01] - Windows Version: 5.1.2600, Service Pack 2
[02/15/2008, 2:19:01] - Current Username: fabien (Admin)
[02/15/2008, 2:19:01] - Windows is in NORMAL mode.
[02/15/2008, 2:19:01] - Searching for Browser Helper Objects:
[02/15/2008, 2:19:01] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/15/2008, 2:19:01] - BHO 2: {326d4fc5-2eaa-43bc-9a0e-3663d16ff725} ()
[02/15/2008, 2:19:01] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:01] - Checking for HKLM\...\Winlogon\Notify\pssqauea
[02/15/2008, 2:19:01] - Key not found: HKLM\...\Winlogon\Notify\pssqauea, continuing.
[02/15/2008, 2:19:01] - BHO 3: {53C90290-B72A-47F5-8105-D1DCBF6F7000} ()
[02/15/2008, 2:19:01] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:01] - Checking for HKLM\...\Winlogon\Notify\pmkji
[02/15/2008, 2:19:01] - Key not found: HKLM\...\Winlogon\Notify\pmkji, continuing.
[02/15/2008, 2:19:01] - BHO 4: {5F2017E6-F6A6-46EB-99D9-0F244117064E} ()
[02/15/2008, 2:19:01] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:01] - Checking for HKLM\...\Winlogon\Notify\ssqrs
[02/15/2008, 2:19:01] - Key not found: HKLM\...\Winlogon\Notify\ssqrs, continuing.
[02/15/2008, 2:19:01] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/15/2008, 2:19:01] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[02/15/2008, 2:19:01] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:01] - No filename found. Continuing.
[02/15/2008, 2:19:01] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[02/15/2008, 2:19:01] - BHO 8: {94204837-0871-4E6A-A426-7F75B1B731F0} ()
[02/15/2008, 2:19:01] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:01] - Checking for HKLM\...\Winlogon\Notify\yayaxyv
[02/15/2008, 2:19:01] - Found: HKLM\...\Winlogon\Notify\yayaxyv - This is probably Virtumundo.
[02/15/2008, 2:19:01] - Assigning {94204837-0871-4E6A-A426-7F75B1B731F0} MSEvents Object
[02/15/2008, 2:19:02] - BHO list has been changed! Starting over...
[02/15/2008, 2:19:02] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/15/2008, 2:19:02] - BHO 2: {326d4fc5-2eaa-43bc-9a0e-3663d16ff725} ()
[02/15/2008, 2:19:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:02] - Checking for HKLM\...\Winlogon\Notify\pssqauea
[02/15/2008, 2:19:02] - Key not found: HKLM\...\Winlogon\Notify\pssqauea, continuing.
[02/15/2008, 2:19:02] - BHO 3: {53C90290-B72A-47F5-8105-D1DCBF6F7000} ()
[02/15/2008, 2:19:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:02] - Checking for HKLM\...\Winlogon\Notify\pmkji
[02/15/2008, 2:19:02] - Key not found: HKLM\...\Winlogon\Notify\pmkji, continuing.
[02/15/2008, 2:19:02] - BHO 4: {5F2017E6-F6A6-46EB-99D9-0F244117064E} ()
[02/15/2008, 2:19:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:02] - Checking for HKLM\...\Winlogon\Notify\ssqrs
[02/15/2008, 2:19:02] - Key not found: HKLM\...\Winlogon\Notify\ssqrs, continuing.
[02/15/2008, 2:19:02] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/15/2008, 2:19:02] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[02/15/2008, 2:19:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:02] - No filename found. Continuing.
[02/15/2008, 2:19:02] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[02/15/2008, 2:19:02] - BHO 8: {94204837-0871-4E6A-A426-7F75B1B731F0} (MSEvents Object)
[02/15/2008, 2:19:02] - ALERT: Found MSEvents Object!
[02/15/2008, 2:19:02] - BHO 9: {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (CNavExtBho Class)
[02/15/2008, 2:19:02] - BHO 10: {A95B2816-1D7E-4561-A202-68C0DE02353A} ()
[02/15/2008, 2:19:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:02] - Checking for HKLM\...\Winlogon\Notify\vdlqntgi
[02/15/2008, 2:19:02] - Found: HKLM\...\Winlogon\Notify\vdlqntgi - This is probably Virtumundo.
[02/15/2008, 2:19:02] - Assigning {A95B2816-1D7E-4561-A202-68C0DE02353A} MSEvents Object
[02/15/2008, 2:19:02] - BHO list has been changed! Starting over...
[02/15/2008, 2:19:02] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/15/2008, 2:19:02] - BHO 2: {326d4fc5-2eaa-43bc-9a0e-3663d16ff725} ()
[02/15/2008, 2:19:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:02] - Checking for HKLM\...\Winlogon\Notify\pssqauea
[02/15/2008, 2:19:02] - Key not found: HKLM\...\Winlogon\Notify\pssqauea, continuing.
[02/15/2008, 2:19:02] - BHO 3: {53C90290-B72A-47F5-8105-D1DCBF6F7000} ()
[02/15/2008, 2:19:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:02] - Checking for HKLM\...\Winlogon\Notify\pmkji
[02/15/2008, 2:19:02] - Key not found: HKLM\...\Winlogon\Notify\pmkji, continuing.
[02/15/2008, 2:19:02] - BHO 4: {5F2017E6-F6A6-46EB-99D9-0F244117064E} ()
[02/15/2008, 2:19:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:02] - Checking for HKLM\...\Winlogon\Notify\ssqrs
[02/15/2008, 2:19:02] - Key not found: HKLM\...\Winlogon\Notify\ssqrs, continuing.
[02/15/2008, 2:19:02] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/15/2008, 2:19:02] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[02/15/2008, 2:19:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:02] - No filename found. Continuing.
[02/15/2008, 2:19:02] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[02/15/2008, 2:19:02] - BHO 8: {94204837-0871-4E6A-A426-7F75B1B731F0} (MSEvents Object)
[02/15/2008, 2:19:02] - ALERT: Found MSEvents Object!
[02/15/2008, 2:19:02] - BHO 9: {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (CNavExtBho Class)
[02/15/2008, 2:19:02] - BHO 10: {A95B2816-1D7E-4561-A202-68C0DE02353A} (MSEvents Object)
[02/15/2008, 2:19:02] - ALERT: Found MSEvents Object!
[02/15/2008, 2:19:02] - BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/15/2008, 2:19:02] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/15/2008, 2:19:02] - Finished Searching Browser Helper Objects
[02/15/2008, 2:19:02] - *** Detected MSEvents Object
[02/15/2008, 2:19:02] - Trying to remove MSEvents Object...
[02/15/2008, 2:19:03] - Terminating Process: IEXPLORE.EXE
[02/15/2008, 2:19:04] - Terminating Process: RUNDLL32.EXE
[02/15/2008, 2:19:04] - Disabling Automatic Shell Restart
[02/15/2008, 2:19:04] - Terminating Process: EXPLORER.EXE
[02/15/2008, 2:19:04] - Suspending the NT Session Manager System Service
[02/15/2008, 2:19:04] - Terminating Windows NT Logon/Logoff Manager
[02/15/2008, 2:19:04] - Re-enabling Automatic Shell Restart
[02/15/2008, 2:19:05] - File to disable: C:\WINDOWS\system32\yayaxyv.dll
[02/15/2008, 2:19:05] - Renaming C:\WINDOWS\system32\yayaxyv.dll -> C:\WINDOWS\system32\yayaxyv.dll.vir
[02/15/2008, 2:19:05] - File successfully renamed!
[02/15/2008, 2:19:05] - Removing HKLM\...\Browser Helper Objects\{94204837-0871-4E6A-A426-7F75B1B731F0}
[02/15/2008, 2:19:05] - Removing HKCR\CLSID\{94204837-0871-4E6A-A426-7F75B1B731F0}
[02/15/2008, 2:19:05] - Adding Kill Bit for ActiveX for GUID: {94204837-0871-4E6A-A426-7F75B1B731F0}
[02/15/2008, 2:19:05] - Deleting ATLEvents/MSEvents Registry entries
[02/15/2008, 2:19:05] - Removing HKLM\...\Winlogon\Notify\yayaxyv
[02/15/2008, 2:19:05] - Searching for Browser Helper Objects:
[02/15/2008, 2:19:05] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/15/2008, 2:19:05] - BHO 2: {326d4fc5-2eaa-43bc-9a0e-3663d16ff725} ()
[02/15/2008, 2:19:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:05] - Checking for HKLM\...\Winlogon\Notify\pssqauea
[02/15/2008, 2:19:05] - Key not found: HKLM\...\Winlogon\Notify\pssqauea, continuing.
[02/15/2008, 2:19:05] - BHO 3: {53C90290-B72A-47F5-8105-D1DCBF6F7000} ()
[02/15/2008, 2:19:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:05] - Checking for HKLM\...\Winlogon\Notify\pmkji
[02/15/2008, 2:19:05] - Key not found: HKLM\...\Winlogon\Notify\pmkji, continuing.
[02/15/2008, 2:19:05] - BHO 4: {5F2017E6-F6A6-46EB-99D9-0F244117064E} ()
[02/15/2008, 2:19:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:05] - Checking for HKLM\...\Winlogon\Notify\ssqrs
[02/15/2008, 2:19:05] - Key not found: HKLM\...\Winlogon\Notify\ssqrs, continuing.
[02/15/2008, 2:19:05] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/15/2008, 2:19:05] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[02/15/2008, 2:19:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:05] - No filename found. Continuing.
[02/15/2008, 2:19:05] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[02/15/2008, 2:19:05] - BHO 8: {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (CNavExtBho Class)
[02/15/2008, 2:19:05] - BHO 9: {A95B2816-1D7E-4561-A202-68C0DE02353A} (MSEvents Object)
[02/15/2008, 2:19:06] - ALERT: Found MSEvents Object!
[02/15/2008, 2:19:06] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/15/2008, 2:19:06] - BHO 11: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/15/2008, 2:19:06] - Finished Searching Browser Helper Objects
[02/15/2008, 2:19:06] - *** Detected MSEvents Object
[02/15/2008, 2:19:06] - Trying to remove MSEvents Object...
[02/15/2008, 2:19:07] - Terminating Process: IEXPLORE.EXE
[02/15/2008, 2:19:07] - Terminating Process: RUNDLL32.EXE
[02/15/2008, 2:19:07] - Disabling Automatic Shell Restart
[02/15/2008, 2:19:07] - Terminating Process: EXPLORER.EXE
[02/15/2008, 2:19:07] - Suspending the NT Session Manager System Service
[02/15/2008, 2:19:07] - Terminating Windows NT Logon/Logoff Manager
[02/15/2008, 2:19:07] - Re-enabling Automatic Shell Restart
[02/15/2008, 2:19:07] - File to disable: C:\WINDOWS\system32\vdlqntgi.dll
[02/15/2008, 2:19:07] - Renaming C:\WINDOWS\system32\vdlqntgi.dll -> C:\WINDOWS\system32\vdlqntgi.dll.vir
[02/15/2008, 2:19:07] - File successfully renamed!
[02/15/2008, 2:19:07] - Removing HKLM\...\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}
[02/15/2008, 2:19:07] - Removing HKCR\CLSID\{A95B2816-1D7E-4561-A202-68C0DE02353A}
[02/15/2008, 2:19:07] - Adding Kill Bit for ActiveX for GUID: {A95B2816-1D7E-4561-A202-68C0DE02353A}
[02/15/2008, 2:19:07] - Deleting ATLEvents/MSEvents Registry entries
[02/15/2008, 2:19:07] - Removing HKLM\...\Winlogon\Notify\vdlqntgi
[02/15/2008, 2:19:07] - Searching for Browser Helper Objects:
[02/15/2008, 2:19:07] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/15/2008, 2:19:07] - BHO 2: {326d4fc5-2eaa-43bc-9a0e-3663d16ff725} ()
[02/15/2008, 2:19:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:07] - Checking for HKLM\...\Winlogon\Notify\pssqauea
[02/15/2008, 2:19:07] - Key not found: HKLM\...\Winlogon\Notify\pssqauea, continuing.
[02/15/2008, 2:19:07] - BHO 3: {53C90290-B72A-47F5-8105-D1DCBF6F7000} ()
[02/15/2008, 2:19:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:07] - Checking for HKLM\...\Winlogon\Notify\pmkji
[02/15/2008, 2:19:07] - Key not found: HKLM\...\Winlogon\Notify\pmkji, continuing.
[02/15/2008, 2:19:07] - BHO 4: {5F2017E6-F6A6-46EB-99D9-0F244117064E} ()
[02/15/2008, 2:19:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:07] - Checking for HKLM\...\Winlogon\Notify\ssqrs
[02/15/2008, 2:19:07] - Key not found: HKLM\...\Winlogon\Notify\ssqrs, continuing.
[02/15/2008, 2:19:08] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/15/2008, 2:19:08] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[02/15/2008, 2:19:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/15/2008, 2:19:08] - No filename found. Continuing.
[02/15/2008, 2:19:08] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[02/15/2008, 2:19:08] - BHO 8: {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (CNavExtBho Class)
[02/15/2008, 2:19:08] - BHO 9: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/15/2008, 2:19:08] - BHO 10: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/15/2008, 2:19:08] - Finished Searching Browser Helper Objects
[02/15/2008, 2:19:08] - Finishing up...
[02/15/2008, 2:19:08] - A restart is needed.
[02/15/2008, 2:19:27] - Attempting to Restart via STOP error (Blue Screen!)

[02/25/2008, 21:08:51] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\fabien\Bureau\VirtumundoBeGone.exe" )
[02/25/2008, 21:08:56] - Detected System Information:
[02/25/2008, 21:08:56] - Windows Version: 5.1.2600, Service Pack 2
[02/25/2008, 21:08:57] - Current Username: fabien (Admin)
[02/25/2008, 21:08:57] - Windows is in NORMAL mode.
[02/25/2008, 21:08:57] - Searching for Browser Helper Objects:
[02/25/2008, 21:08:57] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[02/25/2008, 21:08:57] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/25/2008, 21:08:57] - BHO 3: {2E58C789-A2C5-488E-B01D-FD27D5E2E798} ()
[02/25/2008, 21:08:57] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2008, 21:08:57] - Checking for HKLM\...\Winlogon\Notify\ssqrs
[02/25/2008, 21:08:57] - Key not found: HKLM\...\Winlogon\Notify\ssqrs, continuing.
[02/25/2008, 21:08:57] - BHO 4: {64FADF29-4BBB-4E0E-9ABC-B2F5D0B91560} ()
[02/25/2008, 21:08:57] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2008, 21:08:57] - Checking for HKLM\...\Winlogon\Notify\pmkji
[02/25/2008, 21:08:57] - Key not found: HKLM\...\Winlogon\Notify\pmkji, continuing.
[02/25/2008, 21:08:57] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/25/2008, 21:08:57] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[02/25/2008, 21:08:57] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2008, 21:08:57] - No filename found. Continuing.
[02/25/2008, 21:08:57] - BHO 7: {863D9361-9C21-4204-80EB-1BFDF5D30CAE} ()
[02/25/2008, 21:08:57] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2008, 21:08:57] - Checking for HKLM\...\Winlogon\Notify\vtuts
[02/25/2008, 21:08:57] - Key not found: HKLM\...\Winlogon\Notify\vtuts, continuing.
[02/25/2008, 21:08:57] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[02/25/2008, 21:08:57] - BHO 9: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/25/2008, 21:08:57] - BHO 10: {abb62163-e7d2-40e2-a894-da4ee035b718} ()
[02/25/2008, 21:08:57] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2008, 21:08:57] - Checking for HKLM\...\Winlogon\Notify\joubnfrh
[02/25/2008, 21:08:57] - Key not found: HKLM\...\Winlogon\Notify\joubnfrh, continuing.
[02/25/2008, 21:08:57] - BHO 11: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/25/2008, 21:08:57] - Finished Searching Browser Helper Objects
[02/25/2008, 21:08:57] - Finishing up...
[02/25/2008, 21:08:57] - Nothing found! Exiting...
noctambule28 (Webmaster, 33382 posts)

Hi,

OK, so in principle the following files are to be deleted, but you are going to check them first, to be safe:

C:\WINDOWS\system32\imhbgdyk.ini
C:\WINDOWS\system32\gpqtdnxc.ini
C:\WINDOWS\system32\instdump.dmp
C:\WINDOWS\system32\instdump.zip
C:\WINDOWS\system32\rbslnpsb.ini
C:\WINDOWS\system32\uhmnnvdb.ini
C:\WINDOWS\system32\wmbtnbuf.ini
C:\WINDOWS\system32\bilyjpko.ini

Go to this site:

https://www.virustotal.com/gui/

Click Browse and look for each of the files:
Click Send File.

A report will be built up line by line.

Wait for it to finish. It must include the size of the file sent.
Save the report with Notepad.

Copy it into your reply.

Good luck ;)
zouzou2 (Member, 8 posts)

When I click "Browse" from https://www.virustotal.com/gui/ I can't find any of the files you listed in the C:\\Windows\System32 folder??? I ran a search on my disk via the Start menu\search all files..., no results either.
So I copied the file name directly into the field on the VirusTotal page and, after quite a bit of waiting, retrieved the following reports one by one:

For C:\WINDOWS\system32\imhbgdyk.ini:

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.25 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 294 bytes
MD5: ab04cf1907720fb0cab502d3be903037
SHA1: 9a687a333e83ecb5861a394c9e936e63939c9441
PEiD: -

For the file C:\WINDOWS\system32\gpqtdnxc.ini:

Fichier gpqtdnxc.ini reçu le 2008.02.26 21:37:21 (CET)
Résultat: 0/32 (0%)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.25 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 354 bytes
MD5: 07a28341ea65afea4795f128c63bf379
SHA1: a265ac42f0f7df4dba0173ebfd57201aa788dea6
PEiD: -

For the file: C:\WINDOWS\system32\instdump.dmp

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.25 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 90383 bytes
MD5: cf4806f3384839e88429e0221fb9288c
SHA1: 346741154f2d0c1d0e2a184b36998c9010645efd
PEiD: -

For the file: C:\WINDOWS\system32\instdump.zip

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.25 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 20879 bytes
MD5: be6c88b3a8785bab5f76d95b14f6f56e
SHA1: 75372ad3f1e6f486fbc4712bf1d17f2bd7e7c407
PEiD: -

For the file: C:\WINDOWS\system32\rbslnpsb.ini:

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.25 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 3714 bytes
MD5: d295eabbf12844c9b85cbf4c82f951b9
SHA1: 69ae81c0787fb80fb9217f37d9cf6b99c0714714
PEiD: -

For the file: C:\WINDOWS\system32\uhmnnvdb.ini

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.25 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 1854 bytes
MD5: e7abf3dd868c01c9d57dd20e6bbd535d
SHA1: d7f2fcd7b66a3905d751fbb63b3afd09cbe34fd8
PEiD: -

For the file: C:\WINDOWS\system32\wmbtnbuf.ini

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.26 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 1494 bytes
MD5: 96ab81d69912d819a54811e590a31de2
SHA1: 52f03bf98f62703ee15b2053c09d129a3fe816e4
PEiD: -

For the file: C:\WINDOWS\system32\bilyjpko.ini

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.26 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 1074 bytes
MD5: f6b82aad1448046d3a5c634051d39ccc
SHA1: b0ecbee643081ca9ea51f6154e03d2a8b80f56df
PEiD: -
noctambule28 (Webmaster, 33382 posts)

Hi, a bit late, but I wasn't available before.

The files aren't present... OK, do this:

Select the following text (in bold) in its entirety:

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2E58C789-A2C5-488E-B01D-FD27D5E2E798}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{64FADF29-4BBB-4E0E-9ABC-B2F5D0B91560}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{863D9361-9C21-4204-80EB-1BFDF5D30CAE}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{abb62163-e7d2-40e2-a894-da4ee035b718}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"6d9186ee"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\6d9186ee]

File::
C:\WINDOWS\system32\imhbgdyk.ini
C:\WINDOWS\system32\gpqtdnxc.ini
C:\WINDOWS\system32\instdump.dmp
C:\WINDOWS\system32\instdump.zip
C:\WINDOWS\system32\rbslnpsb.ini
C:\WINDOWS\system32\uhmnnvdb.ini
C:\WINDOWS\system32\wmbtnbuf.ini
C:\WINDOWS\system32\bilyjpko.ini


* Copy the selected text (CTRL+C).
* Open Notepad (Programs > Accessories > Notepad).
* Paste the copied text into Notepad (CTRL+V).
* Save this file as CFScript.txt

Disconnect from the internet and disable your antivirus so that ComboFix can run normally.

Drag and drop this CFScript file onto the ComboFix.exe file (on your Desktop).

* A blue window will appear: at the message "Type 1 to continue, or 2 to abort", type 1 and confirm.

* Wait while the scan runs. The Desktop will disappear several times: this is normal.

Don't touch anything until the scan has finished.

At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.

Once the scan is complete, a report will be displayed: post its contents along with a new HijackThis report.

Re-enable the real-time protection of your antivirus and antispyware programs before reconnecting to the internet.

See you tomorrow.
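A way to check the outcome of the procedure above, as an added example that is not part of the original post and is not ComboFix's own code: it lists what a CFScript asks for, then compares the File:: entries with the deletion section of the resulting report. The function names and both shortened samples are constructed for illustration; the sketch assumes the usual .reg deletion syntax (`[-key]` and `"name"=-`) and the "Autres suppressions" section title as it appears in the French report in this thread.

```python
import re

# Constructed sample: the script from the post above, shortened to two files.
CFSCRIPT = r"""Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2E58C789-A2C5-488E-B01D-FD27D5E2E798}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"6d9186ee"=-

File::
C:\WINDOWS\system32\imhbgdyk.ini
C:\WINDOWS\system32\gpqtdnxc.ini
"""

# Constructed report excerpt in the layout of the report in this thread,
# with one requested file deliberately absent from the deletion list.
REPORT = r"""FILE ::
C:\WINDOWS\system32\gpqtdnxc.ini
C:\WINDOWS\system32\imhbgdyk.ini
.
(((((((((((( Autres suppressions ))))))))))))
.

C:\WINDOWS\system32\imhbgdyk.ini

.
(((((((((((( Fichiers créés 2008-01-27 to 2008-02-27 ))))))))))))
.
"""

SECTION_RE = re.compile(r"^([A-Za-z]+)::\s*$")       # e.g. "Registry::", "File::"
KEY_RE = re.compile(r"^\[(-?)(.+)\]$")               # "[-KEY]" deletes the whole key
VALUE_DELETE_RE = re.compile(r'^"(.+)"=-$')          # '"name"=-' deletes one value
HEADER_RE = re.compile(r"^\(+\s*(.*?)\s*\)+$")       # "(((( title ))))" report headers
PATH_RE = re.compile(r"^[A-Za-z]:\\")                # line that starts with a drive path


def parse_cfscript(text):
    """Return the deletions a CFScript requests, grouped by kind."""
    plan = {"delete_keys": [], "delete_values": [], "delete_files": []}
    section, current_key = None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section, current_key = header.group(1).lower(), None
            continue
        if section == "registry":
            key = KEY_RE.match(line)
            value = VALUE_DELETE_RE.match(line)
            if key and key.group(1) == "-":
                plan["delete_keys"].append(key.group(2))
                current_key = None
            elif key:
                current_key = key.group(2)   # values that follow belong to this key
            elif value and current_key:
                plan["delete_values"].append((current_key, value.group(1)))
        elif section == "file":
            plan["delete_files"].append(line)
    return plan


def reported_deletions(report, title="Autres suppressions"):
    """Collect the paths listed under the report's deletion section."""
    inside, found = False, []
    for raw in report.splitlines():
        line = raw.strip()
        header = HEADER_RE.match(line)
        if header:
            inside = header.group(1) == title
            continue
        if inside and PATH_RE.match(line):
            found.append(line)
    return found


def unconfirmed_files(script_text, report_text):
    """Files requested in File:: that the report does not list as deleted."""
    wanted = parse_cfscript(script_text)["delete_files"]
    deleted = {path.lower() for path in reported_deletions(report_text)}
    return [path for path in wanted if path.lower() not in deleted]


if __name__ == "__main__":
    plan = parse_cfscript(CFSCRIPT)
    for kind, items in plan.items():
        print(kind, len(items))
    for path in unconfirmed_files(CFSCRIPT, REPORT):
        print("not confirmed deleted:", path)
```

A non-empty result means the file was either absent already or survived the run, so it is worth checking on disk before closing the case.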
zouzou2 (Member, 8 posts)

ComboFix report:

ComboFix 08-02-25.3 - fabien 2008-02-27 13:29:18.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1417 [GMT 1:00]
Endroit: C:\Documents and Settings\fabien\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\fabien\Bureau\CFScript.txt.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE ::
C:\WINDOWS\system32\bilyjpko.ini
C:\WINDOWS\system32\gpqtdnxc.ini
C:\WINDOWS\system32\imhbgdyk.ini
C:\WINDOWS\system32\instdump.dmp
C:\WINDOWS\system32\instdump.zip
C:\WINDOWS\system32\rbslnpsb.ini
C:\WINDOWS\system32\uhmnnvdb.ini
C:\WINDOWS\system32\wmbtnbuf.ini
.
The following files were disabled during the run:
C:\WINDOWS\system32\sockspy.dll

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\bilyjpko.ini
C:\WINDOWS\system32\gpqtdnxc.ini
C:\WINDOWS\system32\imhbgdyk.ini
C:\WINDOWS\system32\instdump.dmp
C:\WINDOWS\system32\instdump.zip
C:\WINDOWS\system32\rbslnpsb.ini
C:\WINDOWS\system32\uhmnnvdb.ini
C:\WINDOWS\system32\wmbtnbuf.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-27 to 2008-02-27 ))))))))))))))))))))))))))))))))))))
.

2008-02-27 13:28 . 2008-02-27 13:31 53,248 --a------ C:\WINDOWS\PSEXESVC.EXE
2008-02-23 09:51 . 2008-02-23 09:51 <REP> d-------- C:\VundoFix Backups
2008-02-23 09:25 . 2008-02-23 09:25 <REP> d-------- C:\Program Files\Java
2008-02-23 09:25 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-23 00:55 . 2008-02-23 00:55 <REP> d-------- C:\Program Files\Trend Micro
2008-02-22 22:57 . 2008-02-22 22:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-02-22 22:54 . 2008-02-22 22:54 <REP> d-------- C:\Program Files\Yahoo!
2008-02-15 21:00 . 2008-02-23 00:44 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-02-15 13:52 . 2008-02-23 01:11 <REP> d-------- C:\Program Files\Navilog1
2008-02-15 02:22 . 2008-02-15 02:22 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft
2008-02-15 02:22 . 2008-02-15 02:22 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Bitdefender
2008-02-15 01:25 . 2008-02-15 22:10 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-02-14 00:18 . 2008-02-14 00:18 <REP> d-------- C:\Documents and Settings\fabien\Application Data\Bitdefender
2008-02-14 00:05 . 2008-02-14 00:46 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-02-14 00:04 . 2008-02-27 13:28 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-02-13 23:58 . 2008-02-13 23:58 <REP> d-------- C:\Program Files\Softwin
2008-02-13 23:58 . 2008-02-13 23:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-02-13 23:56 . 2008-02-13 23:59 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
2008-02-13 22:27 . 2008-02-13 22:27 <REP> d-------- C:\Documents and Settings\fabien\Application Data\Grisoft
2008-02-13 22:25 . 2008-02-13 22:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-13 22:25 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-13 22:00 . 2008-02-13 22:00 <REP> d-------- C:\Program Files\CCleaner
2008-02-06 18:26 . 2008-02-06 18:26 <REP> d--hs---- C:\Documents and Settings\NetworkService\Temporary Internet Files
2008-02-06 18:26 . 2008-02-07 00:30 <REP> d--hs---- C:\Documents and Settings\NetworkService\Historique

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-27 11:04 31,468 ----a-w C:\Documents and Settings\fabien\Application Data\wklnhst.dat
2008-02-26 20:04 --------- d-----w C:\Documents and Settings\fabien\Application Data\OpenOffice.org2
2008-02-23 08:40 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-02-23 08:17 --------- d-----w C:\Program Files\Logitech
2008-02-20 23:35 --------- d-----w C:\Documents and Settings\fabien\Application Data\BitTorrent
2008-01-27 13:31 --------- d-----w C:\Program Files\BitTorrent
2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-01-09 14:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2008-01-03 07:38 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-01-03 07:35 --------- d-----w C:\Program Files\OpenOffice.org 2.3 Installation Files
2008-01-02 17:45 --------- d-----w C:\Program Files\Livret scolaire départemental Cycle 3
2007-12-19 22:53 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-08 05:08 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-07 00:47 474,624 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-12-07 00:47 152,064 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-12-07 00:47 1,499,648 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-12-07 00:47 1,056,768 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-12-07 00:47 1,024,512 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:41 550,912 ------w C:\WINDOWS\system32\dllcache\oleaut32.dll
2005-09-24 06:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-25 05:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-05 15:13 68856]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 20:34 64512]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 21:58 458752]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-22 21:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-22 21:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-22 21:17 118784]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 16:02 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 06:22 794713]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-07-19 14:14 102400]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11 49152]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 10:33 163840]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 09:50 40960]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 09:23 1187840]
"Reminder"="C:\Windows\CREATOR\Remind_XP.exe" [2006-02-09 08:52 643072]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 00:03 284184]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 20:58 746520]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 07:38 241664]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-03 00:28 185632]
"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2006-12-15 18:23 139264]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-04-02 16:48 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
"LVCOMSX"="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-15 21:01 244512]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-25 05:00 15360]

C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 08:39:30 73728]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\mqsvc.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=

R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-03 16:55:12 C:\WINDOWS\Tasks\Connexion facile à Internet.job"
- C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exef/remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-27 13:31:30
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ???pP??????`?@?????L?@

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-02-27 13:32:02
ComboFix-quarantined-files.txt 2008-02-27 12:31:59
ComboFix2.txt 2008-02-25 18:41:49
.
2008-02-15 21:10:41 --- E O F ---

HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:33:32, on 27/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O18 - Protocol: bw+0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {57B41547-15E0-438E-B18F-489D051247F8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
noctambule28 - Posts: 33382 - Status: Webmaster

Hi

Where do things stand with your original problems?

zouzou2 - Posts: 8 - Status: Member

Hi, and well done.
- Unwanted advertising pop-ups: no problem at all anymore, great.
- Desktop disappearing: over, great again.
- Error messages at startup: none left, thanks. ... except the tooltip on the connection icon that says connectivity is limited or nonexistent; we click on it, then click Repair, messages scroll by about reconfiguring the IP address... then it's fine and it works (so not really a problem).

A big thank you for your help! Now we advise you to get some sleep...
If you dream up a solution for our little connection-repair issue, we're all ears.
How do we mark our problem as "solved"?
noctambule28 - Posts: 33382 - Status: Webmaster

Hi

I don't have much time at the moment, but I'm thinking about your connection problems.

I'm marking it as solved (as far as virus/security is concerned); I can do it for you (since you opened the topic anonymously, you can't, but I have a status that lets me do it).

If I have a solution, I'll give it to you here; you'll see it show up in your posts.
See you