PC infecté

Résolu
fsald Messages postés 30 Statut Membre -  
Redbart Messages postés 20952 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour,
Papy à la retraite, soyez indulgent avec moi peut être pas très rapide!
Suite à plusieurs infections ( ralentissement- fenêtres intempestives non maitrisable...)
J'ai réalisé avec antivir un scan.
puis Combofix - direct - peut être pas la solution- à ce stade
voici mon htj log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:26, on 2008-04-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\acer\epm\epm-dm.exe
D:\Fran2\programmes\Res.EXE
C:\Program Files\Fichiers communs\Error Safe\ERScw.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alliance MCA\SafeFax\faxtray.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Fran2\programmes\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FN
BAR.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] D:\Fran2\programmes\Res.EXE
O4 - HKLM\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [OBSWATCH] C:\PROGRA~1\ORANGEBS\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement Application Fax.lnk = C:\Program Files\Alliance MCA\SafeFax\faxtray.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O18 - Protocol: bw+0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: mlJCTKaA - mlJCTKaA.dll (file missing)
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 25075 bytes
je l'ai fait examiner rapidement sur le site allemand
apparament en
O2 BHO... ND2FNBAr.dll est méchant
O8... &Search....itou

Y at-il d'autres vices cachés?
Que dois je faire?
Merci
Configuration: Windows XP
Firefox 2.0.0.14

9 réponses

  1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
     
    bonjour, commence par passer malewarebytes suivi de ccleaner dans c'est deux modes nettoyeur et registre et un scan anti -virus en ligne avec bitdéfender en utilisant internet explorer et poste le rapport de bitdefender
    1) malewarebytes : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    2) ccleaner : https://www.malekal.com/tutoriel-ccleaner/
    3) scan en ligne : http://www.commentcamarche.net/faq/sujet 8872 scanner en ligne avec bitdefender
    lis bien les tutoriels pour bien les appliquer tu les passes dans l'ordre merci
    0
    1. fsald Messages postés 30 Statut Membre
       
      merci
      Je vais executer ces taches dans l'ordre...
      0
      1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645 > fsald Messages postés 30 Statut Membre
         
        ok je regarderais le rapport bitdéfender au réveil bonne nuit
        0
  2. Redbart Messages postés 20952 Date d'inscription   Statut Membre Dernière intervention   3 382
     
    c'est la multiplication des ........
    O18 - Protocol: bw+0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    désinfection sur www.malekal.com
    antivirus
    quel parefeu et antispyware as tu?

    Soyez précis et complet dans vos questions, les lecteurs ne sont pas devins.
    Les moteurs de recherche sont là pour vous aider.
    0
    1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      bonsoir, si tu regarde le rapport hijackthis tu verras qu'il utilise antivir comme anti virus et pas d'anti-spyware
      0
      1. fsald Messages postés 30 Statut Membre > jacques.gache Messages postés 34829 Statut Contributeur sécurité
         
        Re bonjour je m'absente jusqu'à Mardi.
        Pouvons nous reprendre la procédure?
        merci
        0
  3. Redbart Messages postés 20952 Date d'inscription   Statut Membre Dernière intervention   3 382
     
    avira antivirus , c'est bon; mise à jour et scan total en mode sans échec
    0
  4. fsald Messages postés 30 Statut Membre
     
    Bonjour
    J'ai bien envoyé le rapport bitfender mais je ne le vois pas apparaitre?
    Au cas ou je vous l'envoie une 2 ème fois

    BitDefender Online Scanner

    Rapport d'analyse généré à: Sat, Apr 19, 2008 - 08:19:49

    Voie d'analyse: C:\;D:\;E:\;

    Statistiques

    Temps

    00:28:10

    Fichiers

    93115

    Directoires

    9802

    Secteurs de boot

    6

    Archives

    1688

    Paquets programmes

    6962

    Résultats

    Virus identifiés

    15

    Fichiers infectés

    22

    Fichiers suspects

    0

    Avertissements

    0

    Désinfectés

    0

    Fichiers effacés

    22

    Info sur les moteurs

    Définition virus

    1163335

    Version des moteurs

    AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

    Analyse des plugins

    16

    Archive des plugins

    41

    Unpack des plugins

    7

    E-mail plugins

    6

    Système plugins

    5

    Paramètres d'analyse

    Première action

    Désinfecté

    Seconde Action

    Supprimé

    Heuristique

    Oui

    Acceptez les avertissements

    Oui

    Extensions analysées

    exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

    Excludez les extensions

    Analyse d'emails

    Oui

    Analyse des Archives

    Oui

    Analyser paquets programmes

    Oui

    Analyse des fichiers

    Oui

    Analyse de boot

    Oui

    Fichier analysé

    Statut

    C:\WINDOWS\system32\b4fm.dll

    Détecté avec: Adware.Burnfree.B

    C:\WINDOWS\system32\b4fm.dll

    Supprimé

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 4)

    Infecté par: Trojan.Rootkit.Agent.AF

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 4)

    Supprimé

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

    Echec de la mise à jour

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 8)

    Détecté avec: Adware.Errorsafe.G

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 8)

    Supprimé

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

    Echec de la mise à jour

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 10)

    Détecté avec: Adware.Winfixer

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 10)

    Supprimé

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

    Echec de la mise à jour

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 11)

    Détecté avec: Adware.Errorsafe.I

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 11)

    Supprimé

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

    Echec de la mise à jour

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 13)

    Détecté avec: Adware.Systemdoctor.B

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 13)

    Supprimé

    C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

    Echec de la mise à jour

    C:\Documents and Settings\francis\Application Data\errorsafeinstall_frw[1].exe

    Infecté par: Trojan.Downloader.Winfixer.O

    C:\Documents and Settings\francis\Application Data\errorsafeinstall_frw[1].exe

    Supprimé

    C:\Program Files\Fichiers communs\Error Safe\ESPChck.dll

    Détecté avec: Adware.Errorsafe.I

    C:\Program Files\Fichiers communs\Error Safe\ESPChck.dll

    Supprimé

    C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL

    Détecté avec: Adware.Msearch.M

    C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL

    Supprimé

    C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL

    Détecté avec: Adware.Toolbar.Mywebsearch.O

    C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL

    Supprimé

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002206.exe=>(RAR Sfx o)=>327882R2FWJFW\NirCmdC.cfexe

    Détecté avec: Spyware.Tool.Nircmd.A

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002206.exe=>(RAR Sfx o)=>327882R2FWJFW\NirCmdC.cfexe

    Supprimé

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002206.exe=>(RAR Sfx o)

    Echec de la mise à jour

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002298.DLL

    Détecté avec: Application.Need2find.A

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002298.DLL

    Echec de la désinfection

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002298.DLL

    Supprimé

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002398.exe=>(RAR Sfx o)=>327882R2FWJFW\NirCmdC.cfexe

    Détecté avec: Spyware.Tool.Nircmd.A

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002398.exe=>(RAR Sfx o)=>327882R2FWJFW\NirCmdC.cfexe

    Supprimé

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002398.exe=>(RAR Sfx o)

    Echec de la mise à jour

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002415.dll

    Détecté avec: Adware.Burnfree.B

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002415.dll

    Supprimé

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002425.exe

    Infecté par: Trojan.Downloader.Winfixer.O

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002425.exe

    Supprimé

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002426.dll

    Détecté avec: Adware.Errorsafe.I

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002426.dll

    Supprimé

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002427.DLL

    Détecté avec: Adware.Msearch.M

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002427.DLL

    Supprimé

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002428.DLL

    Détecté avec: Adware.Toolbar.Mywebsearch.O

    C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002428.DLL

    Supprimé

    D:\Fran2\programmes\Error Safe\ersd.sys

    Infecté par: Trojan.Rootkit.Agent.AF

    D:\Fran2\programmes\Error Safe\ersd.sys

    Supprimé

    D:\Fran2\programmes\Error Safe\flfxr15.dll

    Détecté avec: Adware.Errorsafe.G

    D:\Fran2\programmes\Error Safe\flfxr15.dll

    Supprimé

    D:\Fran2\programmes\Error Safe\Updater.exe

    Détecté avec: Adware.Winfixer

    D:\Fran2\programmes\Error Safe\Updater.exe

    Supprimé

    D:\Fran2\programmes\Error Safe\InstHelp.exe

    Détecté avec: Adware.Systemdoctor.B

    D:\Fran2\programmes\Error Safe\InstHelp.exe

    Supprimé
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
     
    bonjour, il y a du monde tu désactive et reactive la restauration système comme expliqué http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fdocid/20020830101856924 et tu refais un scan en ligne et tu me reposte un nouveau rapport hijacthis
    0
    1. fsald Messages postés 30 Statut Membre
       
      Salut et bonsoir

      J'ai répondu tout à l'heure à un certain ludsaf. J'ai on dirait 2 conversations sur le Forum.
      Je reprends où j'en étais avec vous, après mon absence.
      J'ai donc désactivé puis activer la restauration.
      voilà le rapport HTJ

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 01:01, on 2008-04-22
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\hkcmd.exe
      C:\WINDOWS\system32\igfxpers.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Acer\eRecovery\Monitor.exe
      C:\Program Files\Acer\Acer Arcade\PCMService.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\acer\epm\epm-dm.exe
      D:\Fran2\programmes\Res.EXE
      C:\Program Files\Fichiers communs\Error Safe\ERScw.exe
      C:\Acer\eManager\anbmServ.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
      C:\Program Files\Microsoft ActiveSync\wcescomm.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\PROGRA~1\MICROS~4\rapimgr.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
      C:\Program Files\Windows Desktop Search\WindowsSearch.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\Alliance MCA\SafeFax\faxtray.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
      C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
      C:\WINDOWS\system32\SearchIndexer.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\WINDOWS\system32\wscntfy.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      D:\Fran2\programmes\HJT\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
      O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [LaunchApp] Alaunch
      O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
      O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
      O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
      O4 - HKLM\..\Run: [USB Storage Toolbox] D:\Fran2\programmes\Res.EXE
      O4 - HKLM\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
      O4 - HKLM\..\Run: [OBSWATCH] C:\PROGRA~1\ORANGEBS\Watch.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
      O4 - HKCU\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe
      O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
      O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Lancement Application Fax.lnk = C:\Program Files\Alliance MCA\SafeFax\faxtray.exe
      O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
      O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
      O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
      O18 - Protocol: bw+0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: offline-8876480 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: mlJCTKaA - mlJCTKaA.dll (file missing)
      O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
      O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
      O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
      O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
      O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
      O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      0
  7. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
     
    bonjour fixe ces lignes, passe ccleaner en mode registre et reposte moi un scane de bitdéfender
    C:\Program Files\Fichiers communs\Error Safe\ERScw.exe
    O4 - HKLM\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
    O4 - HKCU\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
    O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
    et fixes toutes les ligne 18
    O20 - Winlogon Notify: mlJCTKaA - mlJCTKaA.dll (file missing)
    0
    1. fsald Messages postés 30 Statut Membre
       
      Bonsoir,
      j'ai relance HJT pour fixer les lignes indiquées.
      Je ne trouve pas la ligne: C:\Program Files\Fichiers communs\Error Safe\ERScw.exe
      pour la fixer où est -elle?

      Ccleaner en mode registre: dois je réparer toutes les erreurs indiquer

      merci
      0
    2. fsald Messages postés 30 Statut Membre
       
      Voici le rapport Bitdefender

      tDefender Online Scanner







      Rapport d'analyse généré à: Wed, Apr 23, 2008 - 02:34:12









      Voie d'analyse: C:\;D:\;E:\;















      Statistiques

      Temps


      00:24:17

      Fichiers


      88369

      Directoires


      9701

      Secteurs de boot


      6

      Archives


      1603

      Paquets programmes


      6680







      Résultats

      Virus identifiés


      5

      Fichiers infectés


      5

      Fichiers suspects


      0

      Avertissements


      0

      Désinfectés


      0

      Fichiers effacés


      5







      Info sur les moteurs

      Définition virus


      1175040

      Version des moteurs


      AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

      Analyse des plugins


      16

      Archive des plugins


      42

      Unpack des plugins


      7

      E-mail plugins


      6

      Système plugins


      5







      Paramètres d'analyse

      Première action


      Désinfecté

      Seconde Action


      Supprimé

      Heuristique


      Oui

      Acceptez les avertissements


      Oui

      Extensions analysées


      exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

      Excludez les extensions




      Analyse d'emails


      Oui

      Analyse des Archives


      Oui

      Analyser paquets programmes


      Oui

      Analyse des fichiers


      Oui

      Analyse de boot


      Oui








      Fichier analysé


      Statut

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 4)


      Infecté par: Trojan.Rootkit.Agent.AF

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 4)


      Supprimé

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


      Echec de la mise à jour

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 8)


      Détecté avec: Adware.Errorsafe.G

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 8)


      Supprimé

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


      Echec de la mise à jour

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 10)


      Détecté avec: Adware.Winfixer

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 10)


      Supprimé

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


      Echec de la mise à jour

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 11)


      Détecté avec: Adware.Errorsafe.I

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 11)


      Supprimé

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


      Echec de la mise à jour

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 13)


      Détecté avec: Adware.Systemdoctor.B

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 13)


      Supprimé

      C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


      Echec de la mise à jour
      0
  8. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
     
    bonsoir ton rapport n'est pas complet mais bon je vois qu'il a supprimé la ligne que tu ne trouvais pas,par précaution du désatives et tu réactives la restauration système comme expliqué ici: http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fdocid/20020830101856924
    et dis nous si tu as toujours des pubs et de quel nature
    0
    1. fsald Messages postés 30 Statut Membre
       
      bonsoir,

      Non je n'ai pas de pub intempestives.
      J'ai cependant toujours lorsque je veux fermer windows toujours un message me disant que le programme ne repond pas : il s'agit de DeviceIO notice windows
      je dois cliquer sur terminer maintenant, le message reapparait à nouveau et l'ordinateur s'éteint après un 2ème clic sur terminer maintenant.
      J'ai ce message depuis pas mal de temps.
      Quelquefois, je ne sais pas pourquoi, je peux arrêter sans que ce message apparaisse.
      J'espère sinon que mes ennuis sont terminés.
      merci pour votre aide
      0
  9. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
     
    bonsoir, tu devrais supprimer tous ce qui se lance au démarrage du pc perso moi je n'ai laissé que tous ce qui est de mon antivirus et antispywares un trucs système "ctfmon.exe" et sa marche sans problème et cela évitera peut être ton truc " DeviceIO notice windows " pour cela tu utilises ccleaner sur outil/démarrage tu cliques sur ce que tu veux bloquer au démarrage et effacer l'entrée, sinon tu as peut être une imprimante hp et possible que se soit lié regarde ici http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Pannes-courantes/message-deviceio-resolu-sujet_195310_1.htm
    0
    1. fsald Messages postés 30 Statut Membre
       
      merci je vais essayer le truc de l'imprimante
      0
  10. Redbart Messages postés 20952 Date d'inscription   Statut Membre Dernière intervention   3 382
     
    http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Pannes-courantes/message-deviceio-resolu-sujet_195310_1.htm
    0