Sujet Précédent Sujet Suivant

PC infecté

Résolu
fsald Messages postés 30 Statut Membre -  
Redbart Messages postés 22322 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour,
Papy à la retraite, soyez indulgent avec moi peut être pas très rapide!
Suite à plusieurs infections ( ralentissement- fenêtres intempestives non maitrisable...)
J'ai réalisé avec antivir un scan.
puis Combofix - direct - peut être pas la solution- à ce stade
voici mon htj log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:26, on 2008-04-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\acer\epm\epm-dm.exe
D:\Fran2\programmes\Res.EXE
C:\Program Files\Fichiers communs\Error Safe\ERScw.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alliance MCA\SafeFax\faxtray.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Fran2\programmes\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] D:\Fran2\programmes\Res.EXE
O4 - HKLM\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [OBSWATCH] C:\PROGRA~1\ORANGEBS\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement Application Fax.lnk = C:\Program Files\Alliance MCA\SafeFax\faxtray.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O18 - Protocol: bw+0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: mlJCTKaA - mlJCTKaA.dll (file missing)
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
A voir également:

9 réponses

Réponse 1 / 9
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bonjour, commence par passer malewarebytes suivi de ccleaner dans c'est deux modes nettoyeur et registre et un scan anti -virus en ligne avec bitdéfender en utilisant internet explorer et poste le rapport de bitdefender
1) malewarebytes : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
2) ccleaner : https://www.malekal.com/tutoriel-ccleaner/
3) scan en ligne : http://www.commentcamarche.net/faq/sujet 8872 scanner en ligne avec bitdefender
lis bien les tutoriels pour bien les appliquer tu les passes dans l'ordre merci
0
fsald Messages postés 30 Statut Membre
 
merci
Je vais executer ces taches dans l'ordre...
0
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618 > fsald Messages postés 30 Statut Membre
 
ok je regarderais le rapport bitdéfender au réveil bonne nuit
0
Réponse 2 / 9
Redbart Messages postés 22322 Date d'inscription   Statut Membre Dernière intervention   3 299
 
c'est la multiplication des ........
O18 - Protocol: bw+0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

désinfection sur www.malekal.com
antivirus
quel parefeu et antispyware as tu?

Soyez précis et complet dans vos questions, les lecteurs ne sont pas devins.
Les moteurs de recherche sont là pour vous aider.
0
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bonsoir, si tu regarde le rapport hijackthis tu verras qu'il utilise antivir comme anti virus et pas d'anti-spyware
0
fsald Messages postés 30 Statut Membre > jacques.gache Messages postés 34829 Statut Contributeur sécurité
 
Re bonjour je m'absente jusqu'à Mardi.
Pouvons nous reprendre la procédure?
merci
0
Réponse 3 / 9
Redbart Messages postés 22322 Date d'inscription   Statut Membre Dernière intervention   3 299
 
avira antivirus , c'est bon; mise à jour et scan total en mode sans échec
0
Réponse 4 / 9
fsald Messages postés 30 Statut Membre
 
Bonjour
J'ai bien envoyé le rapport bitfender mais je ne le vois pas apparaitre?
Au cas ou je vous l'envoie une 2 ème fois

BitDefender Online Scanner

Rapport d'analyse généré à: Sat, Apr 19, 2008 - 08:19:49

Voie d'analyse: C:\;D:\;E:\;

Statistiques

Temps

00:28:10

Fichiers

93115

Directoires

9802

Secteurs de boot

6

Archives

1688

Paquets programmes

6962

Résultats

Virus identifiés

15

Fichiers infectés

22

Fichiers suspects

0

Avertissements

0

Désinfectés

0

Fichiers effacés

22

Info sur les moteurs

Définition virus

1163335

Version des moteurs

AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins

16

Archive des plugins

41

Unpack des plugins

7

E-mail plugins

6

Système plugins

5

Paramètres d'analyse

Première action

Désinfecté

Seconde Action

Supprimé

Heuristique

Oui

Acceptez les avertissements

Oui

Extensions analysées

exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions

Analyse d'emails

Oui

Analyse des Archives

Oui

Analyser paquets programmes

Oui

Analyse des fichiers

Oui

Analyse de boot

Oui

Fichier analysé

Statut

C:\WINDOWS\system32\b4fm.dll

Détecté avec: Adware.Burnfree.B

C:\WINDOWS\system32\b4fm.dll

Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 4)

Infecté par: Trojan.Rootkit.Agent.AF

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 4)

Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

Echec de la mise à jour

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 8)

Détecté avec: Adware.Errorsafe.G

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 8)

Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

Echec de la mise à jour

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 10)

Détecté avec: Adware.Winfixer

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 10)

Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

Echec de la mise à jour

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 11)

Détecté avec: Adware.Errorsafe.I

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 11)

Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

Echec de la mise à jour

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 13)

Détecté avec: Adware.Systemdoctor.B

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 13)

Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)

Echec de la mise à jour

C:\Documents and Settings\francis\Application Data\errorsafeinstall_frw[1].exe

Infecté par: Trojan.Downloader.Winfixer.O

C:\Documents and Settings\francis\Application Data\errorsafeinstall_frw[1].exe

Supprimé

C:\Program Files\Fichiers communs\Error Safe\ESPChck.dll

Détecté avec: Adware.Errorsafe.I

C:\Program Files\Fichiers communs\Error Safe\ESPChck.dll

Supprimé

C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL

Détecté avec: Adware.Msearch.M

C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL

Supprimé

C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL

Détecté avec: Adware.Toolbar.Mywebsearch.O

C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL

Supprimé

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002206.exe=>(RAR Sfx o)=>327882R2FWJFW\NirCmdC.cfexe

Détecté avec: Spyware.Tool.Nircmd.A

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002206.exe=>(RAR Sfx o)=>327882R2FWJFW\NirCmdC.cfexe

Supprimé

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002206.exe=>(RAR Sfx o)

Echec de la mise à jour

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002298.DLL

Détecté avec: Application.Need2find.A

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002298.DLL

Echec de la désinfection

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP21\A0002298.DLL

Supprimé

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002398.exe=>(RAR Sfx o)=>327882R2FWJFW\NirCmdC.cfexe

Détecté avec: Spyware.Tool.Nircmd.A

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002398.exe=>(RAR Sfx o)=>327882R2FWJFW\NirCmdC.cfexe

Supprimé

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002398.exe=>(RAR Sfx o)

Echec de la mise à jour

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002415.dll

Détecté avec: Adware.Burnfree.B

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002415.dll

Supprimé

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002425.exe

Infecté par: Trojan.Downloader.Winfixer.O

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002425.exe

Supprimé

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002426.dll

Détecté avec: Adware.Errorsafe.I

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002426.dll

Supprimé

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002427.DLL

Détecté avec: Adware.Msearch.M

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002427.DLL

Supprimé

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002428.DLL

Détecté avec: Adware.Toolbar.Mywebsearch.O

C:\System Volume Information\_restore{39138AFC-2562-464E-ABA0-3F3BA0BC3ED9}\RP22\A0002428.DLL

Supprimé

D:\Fran2\programmes\Error Safe\ersd.sys

Infecté par: Trojan.Rootkit.Agent.AF

D:\Fran2\programmes\Error Safe\ersd.sys

Supprimé

D:\Fran2\programmes\Error Safe\flfxr15.dll

Détecté avec: Adware.Errorsafe.G

D:\Fran2\programmes\Error Safe\flfxr15.dll

Supprimé

D:\Fran2\programmes\Error Safe\Updater.exe

Détecté avec: Adware.Winfixer

D:\Fran2\programmes\Error Safe\Updater.exe

Supprimé

D:\Fran2\programmes\Error Safe\InstHelp.exe

Détecté avec: Adware.Systemdoctor.B

D:\Fran2\programmes\Error Safe\InstHelp.exe

Supprimé
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bonjour, il y a du monde tu désactive et reactive la restauration système comme expliqué http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fdocid/20020830101856924 et tu refais un scan en ligne et tu me reposte un nouveau rapport hijacthis
0
fsald Messages postés 30 Statut Membre
 
Salut et bonsoir

J'ai répondu tout à l'heure à un certain ludsaf. J'ai on dirait 2 conversations sur le Forum.
Je reprends où j'en étais avec vous, après mon absence.
J'ai donc désactivé puis activer la restauration.
voilà le rapport HTJ

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:01, on 2008-04-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\acer\epm\epm-dm.exe
D:\Fran2\programmes\Res.EXE
C:\Program Files\Fichiers communs\Error Safe\ERScw.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alliance MCA\SafeFax\faxtray.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Fran2\programmes\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] D:\Fran2\programmes\Res.EXE
O4 - HKLM\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [OBSWATCH] C:\PROGRA~1\ORANGEBS\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement Application Fax.lnk = C:\Program Files\Alliance MCA\SafeFax\faxtray.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O18 - Protocol: bw+0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A3EC33F8-48BA-4DA2-8EA2-330420F0B0E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: mlJCTKaA - mlJCTKaA.dll (file missing)
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
0
Réponse 6 / 9
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bonjour fixe ces lignes, passe ccleaner en mode registre et reposte moi un scane de bitdéfender
C:\Program Files\Fichiers communs\Error Safe\ERScw.exe
O4 - HKLM\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
O4 - HKCU\..\Run: [ERScw] "C:\Program Files\Fichiers communs\Error Safe\ERScw.exe" -c
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
et fixes toutes les ligne 18
O20 - Winlogon Notify: mlJCTKaA - mlJCTKaA.dll (file missing)
0
fsald Messages postés 30 Statut Membre
 
Bonsoir,
j'ai relance HJT pour fixer les lignes indiquées.
Je ne trouve pas la ligne: C:\Program Files\Fichiers communs\Error Safe\ERScw.exe
pour la fixer où est -elle?

Ccleaner en mode registre: dois je réparer toutes les erreurs indiquer

merci
0
fsald Messages postés 30 Statut Membre
 
Voici le rapport Bitdefender

tDefender Online Scanner







Rapport d'analyse généré à: Wed, Apr 23, 2008 - 02:34:12









Voie d'analyse: C:\;D:\;E:\;















Statistiques

Temps


00:24:17

Fichiers


88369

Directoires


9701

Secteurs de boot


6

Archives


1603

Paquets programmes


6680







Résultats

Virus identifiés


5

Fichiers infectés


5

Fichiers suspects


0

Avertissements


0

Désinfectés


0

Fichiers effacés


5







Info sur les moteurs

Définition virus


1175040

Version des moteurs


AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins


16

Archive des plugins


42

Unpack des plugins


7

E-mail plugins


6

Système plugins


5







Paramètres d'analyse

Première action


Désinfecté

Seconde Action


Supprimé

Heuristique


Oui

Acceptez les avertissements


Oui

Extensions analysées


exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions




Analyse d'emails


Oui

Analyse des Archives


Oui

Analyser paquets programmes


Oui

Analyse des fichiers


Oui

Analyse de boot


Oui








Fichier analysé


Statut

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 4)


Infecté par: Trojan.Rootkit.Agent.AF

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 4)


Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


Echec de la mise à jour

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 8)


Détecté avec: Adware.Errorsafe.G

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 8)


Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


Echec de la mise à jour

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 10)


Détecté avec: Adware.Winfixer

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 10)


Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


Echec de la mise à jour

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 11)


Détecté avec: Adware.Errorsafe.I

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 11)


Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


Echec de la mise à jour

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 13)


Détecté avec: Adware.Systemdoctor.B

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)=>(Instyler Module 13)


Supprimé

C:\WINDOWS\system32\ErrorSafeSetup.exe=>(Instyler o)


Echec de la mise à jour
0
Réponse 7 / 9
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bonsoir ton rapport n'est pas complet mais bon je vois qu'il a supprimé la ligne que tu ne trouvais pas,par précaution du désatives et tu réactives la restauration système comme expliqué ici: http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fdocid/20020830101856924
et dis nous si tu as toujours des pubs et de quel nature
0
fsald Messages postés 30 Statut Membre
 
bonsoir,

Non je n'ai pas de pub intempestives.
J'ai cependant toujours lorsque je veux fermer windows toujours un message me disant que le programme ne repond pas : il s'agit de DeviceIO notice windows
je dois cliquer sur terminer maintenant, le message reapparait à nouveau et l'ordinateur s'éteint après un 2ème clic sur terminer maintenant.
J'ai ce message depuis pas mal de temps.
Quelquefois, je ne sais pas pourquoi, je peux arrêter sans que ce message apparaisse.
J'espère sinon que mes ennuis sont terminés.
merci pour votre aide
0
Réponse 8 / 9
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bonsoir, tu devrais supprimer tous ce qui se lance au démarrage du pc perso moi je n'ai laissé que tous ce qui est de mon antivirus et antispywares un trucs système "ctfmon.exe" et sa marche sans problème et cela évitera peut être ton truc " DeviceIO notice windows " pour cela tu utilises ccleaner sur outil/démarrage tu cliques sur ce que tu veux bloquer au démarrage et effacer l'entrée, sinon tu as peut être une imprimante hp et possible que se soit lié regarde ici http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Pannes-courantes/message-deviceio-resolu-sujet_195310_1.htm
0
fsald Messages postés 30 Statut Membre
 
merci je vais essayer le truc de l'imprimante
0
Réponse 9 / 9
Redbart Messages postés 22322 Date d'inscription   Statut Membre Dernière intervention   3 299
 
http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Pannes-courantes/message-deviceio-resolu-sujet_195310_1.htm
0