Sujet Précédent Sujet Suivant

Cheval de troie win32 : small - JMH [trj]

Fermé
Ptilionfou - 15 mars 2008 à 19:06
 karlyto - 16 avril 2008 à 21:43
Bonjour,

Comme pour beaucoup ces dernières semaines, le PC de ma sœur est infecté par ce cheval de Troie win32 : small - JMH [trj], qu'Avast n'arrive pas à supprimer. J'ai lu beaucoup de topics à ce sujet et je vois que chaque réponse est personnalisée en fonction du PC de la personne qui a créé le topic.

Je crée donc le mien afin d'avoir une réponse adaptée à ma situation.
Merci par avance.



Voici le rapport généré par l'appli Micro HiJackThis v2.0.2

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:02:51, on 15/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\NTR global\NTRconnect\NTRconnect.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Orange HSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Wallpaper\Wallpaper.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Orange HSS\connectivity\connectivitymanager.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Spyware Doctor\pctsGui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\Fred\LOCALS~1\Temp\services.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6ACF817-0A85-4EBE-9F0A-096C6488CFEA} (NTR ActiveX 1.1.8) - https://www.ntrconnect.com/main/mod/setup/ntractivex118_24.cab
O18 - Protocol: bw+0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NTRconnect (ntrconnect) - Net Transmit & Receive - C:\Program Files\NTR global\NTRconnect\NTRconnect.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
A voir également:

4 réponses

Réponse 1 / 4
cht! Messages postés 467 Date d'inscription mercredi 2 janvier 2008 Statut Membre Dernière intervention 15 septembre 2008 36
15 mars 2008 à 20:01
salut,
relance hijackthis et coche les lignes suivantes puis clique sur "fixed checked"

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O18 - Protocol: bw+0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {077D9279-8B5E-4A04-A7BD-52AEC8917D9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll


ensuite

télécharge et installe msnfix

http://sosvirus.changelog.fr/MSNFix.zip

Décompresse-le et double clic sur le fichier MSNFix.bat.
- Appuis sur F pour choisir la langue puis ENTRE.
- Exécute l'option R.
--Si l'infection est détectée, exécute l'option N
- Sauvegarde ce rapport puis fais un copier/coller de ce rapport sur le forum.

Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.


Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.cmd pour lancer le scrïpt.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du scrïpt et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
_____________________



colle un rapport hijackthis et dis tes soucis actuels


http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

http://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html%27+String.fromCharCode(60)+%27b%27+String.fromCharCode(62)+%2780%27+String.fromCharCode(60)+%27/b%27+String.fromCharCode(62)+%27 message(s) posté(s) depuis le '+String.fromCharCode(60)+'b'+String.fromCharCode(62)+'mercredi 2 janvier 2008'+String.fromCharCode(60)+'/b'+String.fromCharCode(62)+'
0
Réponse 2 / 4
vaisongang Messages postés 1 Date d'inscription mardi 18 mars 2008 Statut Membre Dernière intervention 18 mars 2008
18 mars 2008 à 17:06
J'ai le meme probleme !
pouvez vous m'aider ???

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:05:56, on 18/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\PVSW\Bin\WGE_SRV.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\SARL CINDEZ\Local Settings\Temporary Internet Files\Content.IE5\JXPF5RYF\aswclnr[2].exe
C:\Documents and Settings\SARL CINDEZ\Local Settings\Temporary Internet Files\Content.IE5\JXPF5RYF\aswclnr[2].tmp
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

0
cht! Messages postés 467 Date d'inscription mercredi 2 janvier 2008 Statut Membre Dernière intervention 15 septembre 2008 36
18 mars 2008 à 17:17
1: ton log n'est pas complet
2: crée ton propre sujet pour plus de facilité sur le forum
0
Réponse 3 / 4
chris33
18 mars 2008 à 17:20
kiss salut g un trojean Win32:Small-JMH [Trj] ki s ouvre a chaque fois ke je redemarre l ordi comment faire pour le supprumé antivirus c avast
le virus est dans C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp
voila merci de me repondre a bientot biz chris.......
0
cht! Messages postés 467 Date d'inscription mercredi 2 janvier 2008 Statut Membre Dernière intervention 15 septembre 2008 36
18 mars 2008 à 17:23
salut, essaye de démarer ton ordi en mode sans echec et d'aller le supprimer manuellement...
sinon refait toutes les manip (sauf hijackthis) que nous t'avons dites en mode sans echec...
0
Réponse 4 / 4
karlyto
16 avril 2008 à 21:43
Bonjour,
voila j'ai un probléme avec mon ordinateur, il détécte le virus Win32:Trash-F [Trj] et pourtant j'ai AVAST comme anti-virus mais chaque fois qu'il me le détécte et que je fait : "mettre en quarantaine" il me raffiche le virus quelque minute apres je mis connais pas vraiment en informatique et je voudrais savoir si quelqun pourrais m'aider .
merci d'avance
0

Discussions similaires

Detection PUA: win32 Installcore
Nat -
bazfile -

13 réponses
Présence ou non de cheval de troie ?
hunter55 -
Malekal_morte- -

14 réponses
infecté par HackTool:Win32/AutoKMS
fredo1968 -
fredo1968 -

5 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
windows defender cheval de troie
dplonguet -
Faarid.31 -

3 réponses