Virus Trojan.Spy.Win32.GreenScreen and others

musikdreamer Posts: 22 Status: Member -
 Anonymous user -
Hello,
since this morning I've been getting Windows firewall alerts, mainly when I open Firefox or Windows Live Mail, concerning Trojan-Spy.Win32.GreenScreen, Trojan-Spy.Win32.BankFraud, Trojan.Clicker.Win32.Tniy.h ...
I ran a thorough scan with avast; it found some crap, but the trojans mentioned above are still there ...

Can anyone help me??

Thanks in advance ...

28 replies

Anonymous user

Hi,

do an online scan with Internet Explorer; if you have Firefox, do:
Start -> Run -> type: iexplore (then confirm)

(check all the boxes each time):
https://www.eset.com/

at the end, paste the report: C:\Program Files\EsetOnlineScanner\log.txt

if you need help, there is a tutorial here:
http://bibou0007.com/scans-en-ligne-f75/tutorial-nod32-online-scanner-t128.htm
1
musikdreamer Posts: 22 Status: Member

first of all, thanks for the quick reply ...
in the meantime I ended up with a blue wallpaper saying "SYTEM INFECTE PAS DES SPYWARES" or something like that, and I had a so-called XP Antivirus 2008 that had launched itself and wouldn't go away ...
so I thought of doing a system restore, and now when I open Firefox, IE or Windows Live Mail I no longer get firewall alerts ... I'm still running the scan you recommended, if you don't mind taking a look ...
0
Anonymous user

yes, post the report at the end
0
musikdreamer Posts: 22 Status: Member

phew, finally finished ... so here it is:

Win32/TrojanDownloader.FakeAlert.DJ trojan
C:\WINDOWS\system32\phcrbbj0e915.bmp

Win32/Adware.Webhancer.A application
C:\Documents and Settings\HP_Propriétaire\LocalSettings\Temp\wh_cc.exe

Win32/AutoRun.GD worm
c:\AUTORUN.INF
0

Anonymous user

that's not the report ^^

at the end, paste the report: C:\Program Files\EsetOnlineScanner\log.txt
0
musikdreamer Posts: 22 Status: Member

ok, sorry ...

# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3340 (20080808)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=448d33878356ac41b57b6a173fdc737f
# end=finished
# remove_checked=false
# unwanted_checked=false
# utc_time=2008-08-08 09:44:31
# local_time=2008-08-08 11:44:31 (+0100, Paris, Madrid)
# country="France"
# osver=5.1.2600 NT Service Pack 2
# scanned=507613
# found=3
# scan_time=6328
C:\AUTORUN.INF Win32/AutoRun.GD worm 43C0E939887FCFF46B81F1B9E80B1A8E
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\wh_cc.exe Win32/Adware.Webhancer.A application D9527FAD885747DC20A454FD02BDFC14
C:\WINDOWS\system32\phcrbbj0e915.bmp Win32/TrojanDownloader.FakeAlert.DJ trojan 818C2209BD67775533DDF1ACEFB1F84C
0
Anonymous user

you didn't do what I told you!
if you had read the tutorial, you have to check the 2 boxes, which you didn't do, and so they were not deleted!!!!!

# remove_checked=false
# unwanted_checked=false

you get to start over, and read the instructions!
0
musikdreamer Posts: 22 Status: Member

ah crap ... sorry again, ok, I'm rerunning everything
0
musikdreamer Posts: 22 Status: Member
 
# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3341 (20080808)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=448d33878356ac41b57b6a173fdc737f
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2008-08-09 01:48:19
# local_time=2008-08-09 03:48:19 (+0100, Paris, Madrid)
# country="France"
# osver=5.1.2600 NT Service Pack 2
# scanned=507750
# found=12
# scan_time=5577
C:\AUTORUN.INF Win32/AutoRun.GD worm (unable to clean - deleted) 00000000000000000000000000000000
C:\Documents and Settings\HP_Propriétaire\Bureau\Mes instal\bsplayer227.958_clip.exe Win32/Adware.WhenU.SaveNow application (deleted) 00000000000000000000000000000000
C:\Documents and Settings\HP_Propriétaire\Bureau\Mes instal\bsplayer227.958_clip.exe »NSIS »AdVantageSetup.exe Win32/Adware.WhenU.SaveNow application (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
C:\Documents and Settings\HP_Propriétaire\Bureau\Mes instal\bsplayer_bsplayer_2.26_anglais_10424.exe Win32/Adware.WhenU.SaveNow application (deleted) 00000000000000000000000000000000
C:\Documents and Settings\HP_Propriétaire\Bureau\Mes instal\bsplayer_bsplayer_2.26_anglais_10424.exe »NSIS »AdVantageSetup.exe Win32/Adware.WhenU.SaveNow application (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
C:\Documents and Settings\HP_Propriétaire\Bureau\Mes instal\SetupPoker.exe a variant of Win32/PTCasino application (unable to clean - deleted) 00000000000000000000000000000000
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\wh_cc.exe Win32/Adware.Webhancer.A application (unable to clean - deleted) 00000000000000000000000000000000
C:\Poker\Titan Poker\_SetupPoker.exe a variant of Win32/PTCasino application (unable to clean - deleted) 00000000000000000000000000000000
C:\Program Files\AdVantage\ffext.mod Win32/Adware.WhenU.SaveNow application (deleted) 00000000000000000000000000000000
C:\Program Files\AdVantage\ffext.mod »CAB »{A89AED22-9133-424c-88E7-C8235C5FF302}\components\MeMedia_FF.dll Win32/Adware.WhenU.SaveNow application (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\components\MeMedia_FF.dll Win32/Adware.WhenU.SaveNow application (unable to clean - deleted) 00000000000000000000000000000000
C:\WINDOWS\system32\phcrbbj0e915.bmp Win32/TrojanDownloader.FakeAlert.DJ trojan (unable to clean - deleted) 00000000000000000000000000000000
0
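The difference between the two ESET logs above (`remove_checked=false` with no action recorded, then `remove_checked=true` with a per-file action in parentheses) can be checked mechanically. This Python parser is an added example, not part of the thread and not ESET code; the field layout is inferred from the two logs posted here, the function names are hypothetical, and the sample input is excerpted from those logs with the headers abridged.

```python
import re

# "# key=value" header lines, as in the two logs posted in this thread.
HEADER_RE = re.compile(r"^#\s*([^=]+)=(.*)$")

# Detection lines: <path> <Platform/Name> <type> [(action)] <32-hex field>.
# This layout is inferred from the thread's logs, not from ESET documentation.
DETECTION_RE = re.compile(
    r"^(?P<path>.+?) "
    r"(?P<threat>(?:a variant of )?[A-Za-z0-9]+/\S+) "
    r"(?P<kind>\w+)"
    r"(?: \((?P<action>.*)\))? "
    r"(?P<digest>[0-9A-Fa-f]{32})$"
)

# Excerpts of the two logs above (headers abridged, detection lines verbatim).
FIRST_LOG = r"""
# end=finished
# remove_checked=false
# unwanted_checked=false
# found=3
C:\AUTORUN.INF Win32/AutoRun.GD worm 43C0E939887FCFF46B81F1B9E80B1A8E
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\wh_cc.exe Win32/Adware.Webhancer.A application D9527FAD885747DC20A454FD02BDFC14
C:\WINDOWS\system32\phcrbbj0e915.bmp Win32/TrojanDownloader.FakeAlert.DJ trojan 818C2209BD67775533DDF1ACEFB1F84C
"""

SECOND_LOG = r"""
# end=finished
# remove_checked=true
# unwanted_checked=true
# found=12
C:\AUTORUN.INF Win32/AutoRun.GD worm (unable to clean - deleted) 00000000000000000000000000000000
C:\Poker\Titan Poker\_SetupPoker.exe a variant of Win32/PTCasino application (unable to clean - deleted) 00000000000000000000000000000000
C:\Program Files\AdVantage\ffext.mod »CAB »{A89AED22-9133-424c-88E7-C8235C5FF302}\components\MeMedia_FF.dll Win32/Adware.WhenU.SaveNow application (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
C:\WINDOWS\system32\phcrbbj0e915.bmp Win32/TrojanDownloader.FakeAlert.DJ trojan (unable to clean - deleted) 00000000000000000000000000000000
"""


def parse_eset_log(text):
    """Split a pasted log into header dict, detection dicts and unparsed lines."""
    header, detections, unparsed = {}, [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HEADER_RE.match(line)
        if m:
            header[m.group(1).strip()] = m.group(2).strip().strip('"')
            continue
        m = DETECTION_RE.match(line)
        if m:
            detections.append(m.groupdict())
        else:
            unparsed.append(line)  # keep anything unexpected for manual review
    return header, detections, unparsed


def was_removed(detection):
    """True when the recorded action says the object (or its container) was deleted."""
    return "deleted" in (detection["action"] or "")


def triage(text):
    """Answer the helper's questions: was removal enabled, and what is still on disk?"""
    header, detections, unparsed = parse_eset_log(text)
    return {
        "finished": header.get("end") == "finished",
        "cleaning_enabled": header.get("remove_checked") == "true",
        "unwanted_checked": header.get("unwanted_checked") == "true",
        # A mismatch means the paste is incomplete or some lines failed to parse.
        "count_matches_header": int(header.get("found", "-1")) == len(detections),
        "remaining": [(d["path"], d["threat"]) for d in detections if not was_removed(d)],
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    for name, log in (("first scan", FIRST_LOG), ("second scan", SECOND_LOG)):
        result = triage(log)
        print(name, "- cleaning enabled:", result["cleaning_enabled"])
        for path, threat in result["remaining"]:
            print("  still present:", threat, "at", path)
```

On the abridged second excerpt, `count_matches_header` is false because the header still declares 12 detections while only 4 lines were kept, which is the same signal a truncated paste would give.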
Anonymous user

wow, well that's already that much gone ^^

Then, once it's finished, make a HijackThis report:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

you download it, run it, and click the first button at the top, "Do a system scan and save a logfile"
you'll paste the text file here ;).

PS: Don't close the program
0
musikdreamer Posts: 22 Status: Member

here it is ...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:39:18, on 09/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\HomePlayer\HomePlayer.exe
C:\Program Files\HomePlayer\vlc\vlc.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Zapu Acceleration Engine.lnk = C:\Program Files\Jeux\Zapu\Zapu\wincm.exe
O4 - Startup: Zapu.lnk = C:\Program Files\Jeux\Zapu\Zapu\wDivi.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O18 - Protocol: bw+0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {69BD7717-C034-4417-97BE-7DEF953D1AB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
0
Anonymous user

how is your PC running?
0
musikdreamer Posts: 22 Status: Member

meaning? .. well, it's a bit slow but it's still ok, I've seen worse, why?
0
Anonymous user

ok, do the following:
https://forums.cnetfrance.fr
0
tony.k

So, I also got this trojan.spy.win32.greenscreen and trojan.spy.html.bankfraud.dq
0
Anonymous user

well then, create your own thread
0
musikdreamer Posts: 22 Status: Member

here's what it gave

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1035
Windows 5.1.2600 Service Pack 2

14:02:20 09/08/2008
mbam-log-8-9-2008 (14-02-20).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 197710
Temps écoulé: 1 hour(s), 44 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 10

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Helper (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\rhcvbbj0e915 (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\rhcvbbj0e915\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcvbbj0e915\rhcvbbj0e915.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\base64.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip1.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip2.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip3.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zipped.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Favoris\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.
0
Anonymous user

ok, did you restart your PC? if not, do it.
How is it doing? a bit better?
0
musikdreamer Posts: 22 Status: Member

yes, a bit better anyway ... do you think it's good?
0
Anonymous user

well, the online scan: ok
Malwarebytes: ok
redo a HijackThis
0