Sujet Précédent Sujet Suivant

WIN32:Agent-IVT Impossible à supprimer

Résolu/Fermé
Amny - 24 mars 2008 à 01:01
 Amny - 4 avril 2008 à 22:34
Bonjour,
voilà mon soucis est le trojan cité dans le titre qui apparement me pose problème, je n'arrive pas à m'en débarasser avec avast avec désactivation de la restauration système et scan en mode sans échec.
Il se trouve que j'ai 2 partitions, la partition system que j'ai déjà formaté pensant que ca allez m'aider à résoudre mon problème et une autre que je n'ai pas formaté, car j'aimerai si possible trouver une solution plutôt que d'en arriver là ;)

Voiçi mon log avast, avec la première ligne le fichier en question, et les deux autres qui apparaissent dès que je me connecte à internet.

24/03/2008 00:23:10 SYSTEM 1920 Sign of "Win32:Agent-IVT [Trj]" has been found in "C:\WINDOWS\system32\horexv98.dll" file.
24/03/2008 00:28:23 SYSTEM 1920 Sign of "Win32:Agent-LTO [Trj]" has been found in "C:\Documents and Settings\Amnezia\Local Settings\Temporary Internet Files\Content.IE5\45MJSXIR\server[1].exe\[Upack]" file.
24/03/2008 00:29:22 SYSTEM 1920 Sign of "Win32:Agent-LTO [Trj]" has been found in "C:\WINDOWS\system32\ksavp.exe\[Upack]" file.

Voiçi un log hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:50:01, on 24/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\VentriloMIX\VentriloMIX.exe
C:\Program Files\VentriloMIX\Ventrilo 2.1.4.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashLogV.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C6FB348-B55D-400F-BB21-C1949D2D1EDE}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: bw+0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: portablemsi - Unknown owner - C:\WINDOWS\system32\tcpip.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

7 réponses

Réponse 1 / 7
^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 275
4 avril 2008 à 21:17
Salut

Désolée mais je ne joue pas sur deux tableaux
http://forums.ixus.fr/viewtopic.php?p=254005

Ce qui veut dire, que tu vas faire ce qu'on te demande là-bas, et ici ► conflits

Donc pour moi, les solutions sont de dépanner un PC.
Je laisse la main à l'autre forum

Bon courage

A++

2
Réponse 2 / 7
jean-mi66 Messages postés 54 Date d'inscription mercredi 7 novembre 2007 Statut Membre Dernière intervention 10 juin 2008 5
24 mars 2008 à 01:18
Bonjour,
je viens de regarder dans la liste des troyens connus à ce jour, je n'ai pas trouvé ce IVT. Attendez la mise à jour de votre antivirus ou chargez pcciline (pas sûr pour l'orthographe, pour vacciner le pc (www.pctools) mais il doit se trouver ici
0
Réponse 3 / 7
Amny
24 mars 2008 à 02:41
J'ai choppé le gros lot si il n'est pas connu :(

Par contre pour pc-cillin, ca me renvoyé toujours à "trend micro internet security" est-ce le meme programme ? j'ai essayé de l'installer mais il allait rentrer en conflit avec avast donc j'ai préférer stopper l'installation surtout si c'était pas le bon programme..

Sinon grâce à Prevx CSI , j'ai déjà supprimé la ligne et les fichiers correspondants à
O23 - Service: portablemsi - Unknown owner - C:\WINDOWS\system32\tcpip.exe
dans hijackthis car il correspondait à des malware et depuis je n'ai plus affaire aux fichiers ci dessous, du moins depuis mon redémarrage et environ 30min sur internet, donc peut etre juste une coincidence

Citation:
24/03/2008 00:28:23 SYSTEM 1920 Sign of "Win32:Agent-LTO [Trj]" has been found in "C:\Documents and Settings\Amnezia\Local Settings\Temporary Internet Files\Content.IE5\45MJSXIR\server[1].exe\[Upack]" file.
24/03/2008 00:29:22 SYSTEM 1920 Sign of "Win32:Agent-LTO [Trj]" has been found in "C:\WINDOWS\system32\ksavp.exe\[Upack]" file.


Par contre ca bloque toujours sur mon WIN32:Agent-IVT Sad et voiçi mon dernier log hijackthis

Citation:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:21:44, on 24/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C6FB348-B55D-400F-BB21-C1949D2D1EDE}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: bw+0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F809E91D-097F-49FB-B03D-EA6E2D8AFF7D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\\PrevxCSI.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

--
End of file - 16942 bytes


Voila en tout cas merci d'avance pour vos réponses
0
jean-mi66 Messages postés 54 Date d'inscription mercredi 7 novembre 2007 Statut Membre Dernière intervention 10 juin 2008 5
24 mars 2008 à 09:50
Bonjour,
Pour pccilin, c'est normal ce qui s'est passé. Quand vous l'avez téléchargé, il fallait désactiver l'anti virus et les applications pour qu'il puisse s'éxécuter, le temps de le laisser travailler. Et désinstaller le après pour éviter les conflits avec votre antivirus.
0
Réponse 4 / 7
^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 275
24 mars 2008 à 10:14
Salut

Logitech\Desktop Messenger ► supprime par ajout/supp des programmes

1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
(attention à l'installation penser à DECOCHER l'installation de Yahoo toolbar discrètement proposé en plus de CCleaner).

AVG Anti-Spyware
https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

2 Redémarre en mode sans echec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.
http://www.coupdepoucepc.com/modules/news/article.php?storyid=253
https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php

3 Lance le nettoyage avec CCleaner.
Tutorial ici:
https://kerio.probb.fr/t242-tuto-ccleaner-v-2
https://www.malekal.com/tutoriel-ccleaner/
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

4 Lance Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

5 Redémarre normalement et poste le rapport d'AVG Anti-Spyware avec un rapport


6 F - Hijackthis -

A++


0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
Amny
4 avril 2008 à 21:12
Bonsoir, désole j'ai mis un peu de temps à tester les solutions proposées mais j'étais un peu occupé, donc je viens de tester le message de marie ça n'a pas donner grand chose avec ccleaner et avg donc je ne vais pas poster un log qui parle seulement de cookies qui ont tous étaient supprimés.

Voiçi mon dernier rapport hijackthis par contre

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:49, on 04/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\VentriloMIX\Ventrilo 2.1.4.exe
C:\Program Files\NNScript\mirc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: My_AutoWarkey_Script.lnk = C:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C6FB348-B55D-400F-BB21-C1949D2D1EDE}: NameServer = 81.253.149.9 80.10.246.132
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 6 / 7
Amny
4 avril 2008 à 21:27
Libre à vous, merci de votre temps, et désole que des solutions radicalement opposés, une passant par un environnement linux et l'autre par l'environnement windows aient pu vous faire réagir ainsi.
0
Réponse 7 / 7
Amny
4 avril 2008 à 22:34
Certainement contre votre volonté, mais en feuilletant un sujet dans lequel vous aviez répondu ^^Marie^^ j'ai pu découvrir que vous mentionniez ComboFix qui m'a apparement aidé à résoudre tous les problèmes sur mon ordinateur.
Je vous dis donc "indirectement" ;) merci et à ceux qui ont pris le temps de me répondre !
0

Discussions similaires

Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
Menaces HackTool:Win32
LeMax5993 -
lisa4777 -

4 réponses
PUABundler:Win32/CandyOpen : dangereux ?
joubine -
bazfile -

2 réponses
Detection PUA: win32 Installcore
Nat -
bazfile -

13 réponses
infecté par HackTool:Win32/AutoKMS
fredo1968 -
fredo1968 -

5 réponses