Bonjour, j'ai été infectée par ce virus, je n'arrive pas à m'en débarrasser et il a plutôt tendance à se répandre dans mon pc. Je suis néophite en info donc je cherche quelqu'un de plus doué qui pourrait m'aider. Merci

Win32:small-JMH [Résolu]

Réponse 1 / 20

Utilisateur anonyme

Appliquer exactement les procédures indiquées.
Rester devant la machine en rafraichissant souvent le forum pour voir les nouvelles réponses.
Répondre sans attendre à toutes les questions posées

Fais ça

Télécharge MSNFix.zip (de !aur3n7 et Regis59) sur le bureau :
http://sosvirus.changelog.fr/MSNFix.zip
Conseil : Toujours télécharger avant utilisation pour profiter des dernières mises à jour.
Remarque: Il est possible que l'antivirus détécte un virus au téléchargement, il s'agit de Process.exe qui est un faux positif.

Décompresse-le (clic droit : Extraire ici).
A la racine du système, déplace le dossier décompressé, comme suit :
C:\MSNFix.
Ouvre-le et double clique sur le fichier MSNFix.bat
.
- Exécutez l'option R.
- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage.
- Sauvegarde ce rapport puis fais-en un copier/coller sur le forum, ainsi qu'un scan HijackThis fait en mode normal.
- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt
Poste-le dans une réponse.
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.

Joins à ce rapport, des nouvelles et un nouveau log Hijackthis.

Réponse 2 / 20

erebolini Messages postés 15 Statut Membre

j'ai déjà essayé mais à chaque démarrage il se régénère.

Réponse 3 / 20

erebolini Messages postés 15 Statut Membre

et je sais pas faire un rapport hijackthis

Réponse 4 / 20

Utilisateur anonyme

HijackThis

• Télécharger HijackThis ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
• Installer HijackThis dans un répertoire dédié NON Temporaire
(afin de conserver les sauvegardes qu'il fait) et en le renommant Monjack
• Fermer toutes les applications
• Lancer hitjackthis
• Click sur Do a system scan and save a logfile

Un rapport en fichier text va s'ouvrir.
Le copier et le coller sur le forum

erebolini Messages postés 15 Statut Membre

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:52:50, on 27/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
D:\Program Files\OpenOffice.org 2.3\program\soffice.exe
D:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Monjack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\Elisa\LOCALS~1\Temp\winlogon.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: IntelligentAdvisor - {6548BF73-58FF-71D5-F97D-17C71E323709} - C:\Program Files\IntelligentAdvisor\IntelligentAdvisor-1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Streams Drivers] C:\DOCUME~1\Elisa\LOCALS~1\Temp\winlogon.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\DOCUME~1\Elisa\LOCALS~1\Temp\E_S195.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = D:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe

Réponse 5 / 20

Utilisateur anonyme

Installe ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
sur le bureau

1) Double clique sur l'icône qui s'est installé sur ton bureau :

2) Appuie sur la touche "1" puis sur "entrée":

Laisse le travailler

Un rapport va être générer, post le ici puis un rapport hitjackthis

erebolini Messages postés 15 Statut Membre

Le lien ne fonctionne pas

Réponse 6 / 20

Utilisateur anonyme

http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe

Réponse 7 / 20

erebolini Messages postés 15 Statut Membre

Euh... ca ne marche pas non plus :s

Utilisateur anonyme

???? Chez moi ça marche parfaitement

erebolini Messages postés 15 Statut Membre > Utilisateur anonyme

Quand je clique sur le lien il ne veut pas que je l'enregistre et quand je fais "enregistrrer la cible sous" il me dit que le fichier n'existe pas ou qu'il a été modifié

Réponse 8 / 20

Utilisateur anonyme

Essaye avec un click droit sur le lien et "Enregistrer la cible du lien sous"

Réponse 9 / 20

Utilisateur anonyme

Quand je clique sur le lien il ne veut pas que je l'enregistre
==============
Qu'est ce que tu as comme message?

erebolini Messages postés 15 Statut Membre

Il me dit voulez-vous enregistrer ce fichier ?
Mais le chois Enregistrer le fichier est en grisé je ne peux pas cliquer desses
Je peux juste faire annuler

Utilisateur anonyme > erebolini Messages postés 15 Statut Membre

Tu attends une 10zaine de secondes et même s'il est grisé tu cliques dessus. Ca devrait le faire

Réponse 10 / 20

erebolini Messages postés 15 Statut Membre

maintenant il me dit que c'est une application win32 non valide. Il ne veut pas l'ouvrir

Réponse 11 / 20

Utilisateur anonyme

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Finalement c'est le bon serveur mais il semble surchargé, j'ai réussi à le télcharger une fois.

Si tu veux je t'envoie le fichier par mail. Donne moi une adresse.

erebolini Messages postés 15 Statut Membre

elle est sur mon profil tu dois pouvoir la voir.

Réponse 12 / 20

Utilisateur anonyme

C'est envoyé

erebolini Messages postés 15 Statut Membre

ComboFix 08-02-19.2 - Elisa 2008-02-27 13:16:09.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.439 [GMT 1:00]
Endroit: C:\Documents and Settings\Elisa\Bureau\ComboFix(2).exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-01-27 to 2008-02-27 ))))))))))))))))))))))))))))))))))))
.

2008-02-27 11:51 . 2008-02-27 11:58 <REP> d-------- C:\Program Files\Trend Micro
2008-02-27 11:51 . 2008-02-27 11:51 <REP> d-------- C:\Program Files\iPod
2008-02-26 16:39 . 2008-02-26 16:39 <REP> d-------- C:\Program Files\Unlocker
2008-02-25 21:20 . 2008-02-27 08:58 <REP> d----c--- C:\Mes documents
2008-02-25 20:45 . 2008-02-25 20:45 <REP> d-------- C:\Program Files\PlayMP3z
2008-02-25 20:45 . 2008-02-25 20:45 <REP> d-------- C:\Program Files\IntelligentAdvisor
2008-02-25 20:40 . 2008-02-25 20:40 2,563 --a------ C:\WINDOWS\image.jpg
2008-01-31 23:13 . 2008-01-31 23:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-31 23:13 . 2008-01-31 23:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-27 10:52 --------- d-----w C:\Program Files\iTunes
2008-02-27 10:49 --------- d-----w C:\Program Files\QuickTime
2008-02-27 10:38 --------- d-----w C:\Program Files\Mozilla Firefox
2008-02-26 18:45 --------- dc----w C:\Documents and Settings\Elisa\Application Data\OpenOffice.org2
2008-02-26 14:53 1,598,029,824 --sha-w C:\pagefile.sys
2008-02-26 14:53 1,063,374,848 --sha-w C:\hiberfil.sys
2008-02-25 23:44 --------- d-----w C:\Program Files\Windows Live
2008-02-25 23:14 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-02-25 20:17 --------- dc----w C:\Documents and Settings\Elisa\Application Data\LimeWire
2008-02-14 05:36 --------- d-----w C:\Program Files\Internet Explorer
2008-02-04 23:09 18,214,008 ----a-w C:\WINDOWS\system32\MRT.exe
2008-01-23 15:41 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-22 16:32 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
2008-01-22 16:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-22 16:32 --------- d-----w C:\Program Files\Logitech
2008-01-22 16:32 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-01-22 16:30 --------- dc----w C:\Documents and Settings\All Users\Application Data\Logitech
2008-01-22 16:30 --------- d-----w C:\Program Files\Fichiers communs\Logishrd
2008-01-22 16:30 --------- d-----w C:\Program Files\Fichiers communs
2008-01-07 20:08 --------- d-----w C:\Program Files\PowerQuest
2007-12-28 23:07 --------- d-----w C:\Program Files\NetWaiting
2007-12-07 14:37 3,080,192 ----a-w C:\WINDOWS\system32\mshtml.dll
2007-12-06 23:40 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6548BF73-58FF-71D5-F97D-17C71E323709}]
2007-12-11 22:27 1019904 --a------ C:\Program Files\IntelligentAdvisor\IntelligentAdvisor-1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-01-22 17:33 36864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 14:13 472776]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 13:02 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2006-08-14 13:39 98304]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2006-08-14 13:41 114688]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2006-08-14 13:38 94208]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 09:58 159744]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-07-13 13:02 40960]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-05 13:19 180269]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2003-09-05 16:55 1200178]
"EoEngine"="" []
"EoTraduction"="" []
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 01:03 284184]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 21:58 746520]
"LVCOMSX"="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-15 22:01 244512]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19 15872]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09 15360]

C:\Documents and Settings\Elisa\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - D:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-01-22 17:33:02 196608]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:05:56 65588]

*Newly Created Service* - IPOD_SERVICE
*Newly Created Service* - UNLOCKERDRIVER5
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-25 18:36:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-27 13:23:46
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????Y??????g?@?????L?@

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\Program Files\Unlocker\UnlockerHook.dll
.
ComboFix 08-02-19.2 - Elisa 2008-02-27 13:16:09.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.439 [GMT 1:00]
Endroit: C:\Documents and Settings\Elisa\Bureau\ComboFix(2).exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-01-27 to 2008-02-27 ))))))))))))))))))))))))))))))))))))
.

2008-02-27 11:51 . 2008-02-27 11:58 <REP> d-------- C:\Program Files\Trend Micro
2008-02-27 11:51 . 2008-02-27 11:51 <REP> d-------- C:\Program Files\iPod
2008-02-26 16:39 . 2008-02-26 16:39 <REP> d-------- C:\Program Files\Unlocker
2008-02-25 21:20 . 2008-02-27 08:58 <REP> d----c--- C:\Mes documents
2008-02-25 20:45 . 2008-02-25 20:45 <REP> d-------- C:\Program Files\PlayMP3z
2008-02-25 20:45 . 2008-02-25 20:45 <REP> d-------- C:\Program Files\IntelligentAdvisor
2008-02-25 20:40 . 2008-02-25 20:40 2,563 --a------ C:\WINDOWS\image.jpg
2008-01-31 23:13 . 2008-01-31 23:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-31 23:13 . 2008-01-31 23:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-27 10:52 --------- d-----w C:\Program Files\iTunes
2008-02-27 10:49 --------- d-----w C:\Program Files\QuickTime
2008-02-27 10:38 --------- d-----w C:\Program Files\Mozilla Firefox
2008-02-26 18:45 --------- dc----w C:\Documents and Settings\Elisa\Application Data\OpenOffice.org2
2008-02-26 14:53 1,598,029,824 --sha-w C:\pagefile.sys
2008-02-26 14:53 1,063,374,848 --sha-w C:\hiberfil.sys
2008-02-25 23:44 --------- d-----w C:\Program Files\Windows Live
2008-02-25 23:14 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-02-25 20:17 --------- dc----w C:\Documents and Settings\Elisa\Application Data\LimeWire
2008-02-14 05:36 --------- d-----w C:\Program Files\Internet Explorer
2008-02-04 23:09 18,214,008 ----a-w C:\WINDOWS\system32\MRT.exe
2008-01-23 15:41 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-22 16:32 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
2008-01-22 16:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-22 16:32 --------- d-----w C:\Program Files\Logitech
2008-01-22 16:32 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-01-22 16:30 --------- dc----w C:\Documents and Settings\All Users\Application Data\Logitech
2008-01-22 16:30 --------- d-----w C:\Program Files\Fichiers communs\Logishrd
2008-01-22 16:30 --------- d-----w C:\Program Files\Fichiers communs
2008-01-07 20:08 --------- d-----w C:\Program Files\PowerQuest
2007-12-28 23:07 --------- d-----w C:\Program Files\NetWaiting
2007-12-07 14:37 3,080,192 ----a-w C:\WINDOWS\system32\mshtml.dll
2007-12-06 23:40 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6548BF73-58FF-71D5-F97D-17C71E323709}]
2007-12-11 22:27 1019904 --a------ C:\Program Files\IntelligentAdvisor\IntelligentAdvisor-1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-01-22 17:33 36864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 14:13 472776]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 13:02 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2006-08-14 13:39 98304]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2006-08-14 13:41 114688]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2006-08-14 13:38 94208]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 09:58 159744]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-07-13 13:02 40960]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-05 13:19 180269]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2003-09-05 16:55 1200178]
"EoEngine"="" []
"EoTraduction"="" []
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 01:03 284184]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 21:58 746520]
"LVCOMSX"="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-15 22:01 244512]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19 15872]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09 15360]

C:\Documents and Settings\Elisa\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - D:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-01-22 17:33:02 196608]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:05:56 65588]

*Newly Created Service* - IPOD_SERVICE
*Newly Created Service* - UNLOCKERDRIVER5
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-25 18:36:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-27 13:23:46
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????Y??????g?@?????L?@

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\Program Files\Unlocker\UnlockerHook.dll
.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:29, on 2008-02-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
D:\Program Files\OpenOffice.org 2.3\program\soffice.exe
D:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\Monjack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: IntelligentAdvisor - {6548BF73-58FF-71D5-F97D-17C71E323709} - C:\Program Files\IntelligentAdvisor\IntelligentAdvisor-1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = D:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe

Réponse 13 / 20

Utilisateur anonyme

Ferme toutes les fenêtres et applications.
Relance HijackThis et clique sur > Do a system scan only puis, coche
les cases devant les lignes qui suivent (et uniquement ces lignes), si tjrs présentes :

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: IntelligentAdvisor - {6548BF73-58FF-71D5-F97D-17C71E323709} - C:\Program Files\IntelligentAdvisor\IntelligentAdvisor-1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

Ensuite, clique sur > Fix checked et valide par "Yes". Referme HijackThis.

Affiche les fichiers et dossiers cachés …
Pour ce faire, tu vas dans un dossier, par ex. "Mes Images".
Ensuite, clique sur > Outils > Options des dossiers ...
clique sur l' onglet « Affichage » et ...
coche ---> Afficher les fichiers et dossiers cachés
décoche > Masquer les extensions des fichiers dont le type est connu
décoche > Masquer les fichiers protégés du système d' exploitation (recommandé).
« Appliquer » et « OK ».

Rends-toi dans > Démarrer > Panneau de config. > Ajout/suppres… de prog.

Supprime, si tu le(s) trouves > IntelligentAdvisor - eoRezo

Ensuite, va dans > Démarrer > Poste de travail > C:\

C:\Program Files\IntelligentAdvisor
C:\Program Files\eoRezo
C:\Documents and Settings\Noms\Application Data\EoRezo

Supprime le(s) fichier(s)/dossier(s)/programme(s) en gras, si tu le(s) trouves.

Vide la Corbeille.

Annonce quand c'est fini il y aura encore un peu de manip

erebolini Messages postés 15 Statut Membre

Voila c'est fait

Réponse 14 / 20

Utilisateur anonyme

Tu as trouvé les programmes

C:\Program Files\IntelligentAdvisor
C:\Program Files\eoRezo

?

erebolini Messages postés 15 Statut Membre

Le premier oui l'autre non .
Celui dans program files je l'ai trouve

Réponse 15 / 20

Utilisateur anonyme

Relance la machine

Nettoyage avec CCleaner
On va faire un peu le ménage

• Télécharger CCLeaner et l'installer sur le bureau en refusant l'installation de la barre Yahoo.
http://download.piriform.com/ccsetup205.exe
• Fermer toutes les applications
• Lancer CCLeaner
S'il n'est pas en Français cliquer sur Options, Setting, Language
et sélectionner Français
• cocher dans le menu Nettoyeur - onglet Windows :
Internet Explorer: Fichiers Internet Temporaires, Cookies
• Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers
• Avancé: Vieilles données du Prefetch
• Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures
• Cocher dans le menu Nettoyeur - onglet Applications : Internet: Sun Java
• Cocher , si cela est possible, dans le menu Nettoyeur - onglet Applications :
Firefox/Mozilla: Cache Internet, Cookies
• Click sur Analyse
• Click sur le bouton Lancer le nettoyage dans le menu Nettoyeur.
• Click sur Registre
• Sélectionner tout
• Click sur Chercher des erreurs (En bas)

Une fois le scan terminé sélectionner tout
• Click sur Réparer les erreurs sélectionnées

Reposte un rapport HJ

erebolini Messages postés 15 Statut Membre

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:27, on 2008-02-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
D:\Program Files\OpenOffice.org 2.3\program\soffice.exe
D:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\Monjack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = D:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {13F5EE10-EC72-489A-8E04-E4CADDE42450} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe

Réponse 16 / 20

Utilisateur anonyme

Le rapport est super-clean

Installe un pare-feu. (Indispensable, celui de XP pour commencer)

Puis fait ceci pour avoir un point de restauration propre

Désactiver les points de restauration du système
Pour cela
• Click-droit sur l'icône Poste de travail
• Click sur Propriétés
• Click sur l'onglet Restauration du système.
• Sélectionner Désactiver la Restauration du système
ou Désactiver la Restauration du système sur tous les lecteurs
• Click sur Appliquer.
Tout les points de restauration seront supprimé.
• Click sur Oui.
• Click sur OK.

Relance la machine puis

Activer / réactiver la restauration du système de Windows XP

• Click avec le bouton droit sur Poste de travail
• Click sur Propriétés.
• Click sur l'onglet Restauration du système.
• Désélectionner Désactiver la Restauration du système
ou Désactiver la Restauration du système sur tous les lecteurs.
• Click sur Appliquer
• Click Ok

La restauration du système créera régulièrement des sauvegardes
de fichiers système et fichiers de programme sélectionnés.

C'est terminé

N'oublie pas de mettre en résolu.

Réponse 17 / 20

erebolini Messages postés 15 Statut Membre

Merci beaucoup. Juste une dernière chose, je fais comment pour le pare feu ?

Réponse 18 / 20

Utilisateur anonyme

Démarrer
Parametres
Panneau de configuration
Pare-feu de Windows
Clique sur Activé
OK

Comment va le PC?

soleane1988 Messages postés 1 Statut Membre

bonjour,
voila j'ai eu le meme probleme.
j'ai cru naïvement qu'une copine me donnait le lien d'un site ou y avait ma photo et malheureusement c'est pas une tof que j'ai trouvée!!
j'ai d'abord téléchargé MSNFix, puis avast cleaner.
j'ai ensuite suivit ta procédure, mais j'ai bien peur que le virus soit toujours la :s
quand j'ouvre msn, mes fenetre de convers s'ouvre et se reerme toute seule. je ne sais pas lire les rapports, peux tu m'aider?

Réponse 19 / 20

erebolini Messages postés 15 Statut Membre

c nickel merci bcp

Réponse 20 / 20

Utilisateur anonyme

Tu as bien travaillé
a+

Win32:small-JMH

20 réponses

Votre réponse

Discussions similaires

Newsletters