Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Ouvertures de pages Internet Aléatoires + alerte BitDefender

Invité KdTcA

Par Invité KdTcA
dans Analyses et éradication malwares

 Partager

Messages recommandés

Invité KdTcA

Invité KdTcA

Posté(e)
Posté(e)

Bonjour à tous!

 

Alors pour faire simple, je dois avoir le même souci que la personne à ce post :

 

http://forum.zebulon.fr/index.php?showtopic=113666

 

J'ai fait un scan complet avec BitDefender, avec PestPatrol et aussi avec AVA comme indiqué dans le post cité au dessus.

 

Avec AVA j'en ai fait 3 > 2 en mode sans échec puis 1 en mode sans échec + sans restauration système.

 

Je ne sais pas anlyser le rapport HijackThis donc je n'ai pas pu faire tout ce qui a été dans l'autre post.

 

 

Voilà, si quelqu'un pouvait m'aider...ça serait cool!

 

Merci d'avance.

bruce lee Devil Member !

bruce lee

Posté(e)
Posté(e)

re,

 

Télécharge Blacklight (de F-Secure); clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.

 

Double-clique blbeta.exe et accepte la licence; clique Scan puis Next

 

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

 

Copie et colle le contenu de ce rapport dans ta prochaine réponse. NE PAS choisir l'option "rename ou cleaning" de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe

 

telecharge la version original de hijackthis http://www.merijn.org/files/hijackthis.zip

 

déconnecte toi du net et installe le sur ton bureau

 

lance le en cliquant sur Do a system scan and save a logfile a la fin du scan le bloc note va s'ouvrir tu fais un copier coller de tout son contenu.

Invité KdTcA

Invité KdTcA

Posté(e)
Posté(e)

Salut!

 

Alors...

 

BlackLight n'a rien trouvé :

02/20/07 18:43:19 [info]: BlackLight Engine 1.0.55 initialized

02/20/07 18:43:19 [info]: OS: 5.1 build 2600 (Service Pack 2)

02/20/07 18:43:19 [Note]: 7019 4

02/20/07 18:43:19 [Note]: 7005 0

02/20/07 18:43:22 [Note]: 7006 0

02/20/07 18:43:22 [Note]: 7011 1804

02/20/07 18:43:22 [Note]: 7026 0

02/20/07 18:43:22 [Note]: 7026 0

02/20/07 18:43:28 [Note]: FSRAW library version 1.7.1021

02/20/07 18:49:35 [Note]: 7007 0

 

Et HijackThis me renvoie :

 

Logfile of HijackThis v1.99.1

Scan saved at 18:50:34, on 20/02/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE

C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program Files\Logitech\iTouch\iTouch.exe

C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

C:\Program Files\Winamp\Winampa.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\Program Files\Softwin\BitDefender9\bdoesrv.exe

C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe

C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\WTablet\TabUserW.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\PROGRA~1\MSNMES~1\msnmsgr.exe

C:\WINDOWS\system32\Tablet.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

c:\progra~1\winamp\winamp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Softwin\BitDefender9\vsserv.exe

c:\progra~1\softwin\bitdef~1\bdmcon.exe

C:\Documents and Settings\djé\Bureau\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE

O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe

O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe

O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"

O4 - HKLM\..\Run: [bDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [LDM] \Program\

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe

O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{37115BBE-7155-4A16-85F3-C42E6BAF38EE}: NameServer = 212.27.53.252,212.27.54.252

O18 - Protocol: bw+0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)

O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\RealVNC\WinVNC\winvnc.exe" -service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

 

 

Merci d'avance! :P

bruce lee Devil Member !

bruce lee

Posté(e)
Posté(e)

Re,

 

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

  • Double-clique VundoFix.exe afin de le lancer
  • Clique sur le bouton Scan for Vundo
  • Lorsque le scan est complété, clique sur le bouton Remove Vundo
  • Une invite te demandera si tu veux supprimer les fichiers, clique YES
  • Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
  • Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
  • Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

Invité KdTcA

Invité KdTcA

Posté(e)
Posté(e)

Tout d'abord MERCI!!!!

 

 

J'ai enfin réussi à faire le scan complet (j'ai eu une petite surchauffe d'où l'arrêt du PC...et ma réponse un peu tardive...)

 

Donc VundoFix a détecté 3 fichiers néfastes dont voici le rapport >

 

 

VundoFix V6.3.8

 

Checking Java version...

 

Java version is 1.4.2.3

 

Java version is 1.4.2.5

 

Java version is 1.5.0.2

 

Java version is 1.5.0.4

 

Java version is 1.5.0.6

 

Java version is 1.5.0.9

 

Scan started at 22:59:06 20/02/2007

 

Listing files found while scanning....

 

C:\WINDOWS\system32\ghhkj.bak1

C:\WINDOWS\system32\ghhkj.ini

C:\WINDOWS\system32\jkhhg.dll

 

Beginning removal...

 

Attempting to delete C:\WINDOWS\system32\ghhkj.bak1

C:\WINDOWS\system32\ghhkj.bak1 Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\ghhkj.ini

C:\WINDOWS\system32\ghhkj.ini Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\jkhhg.dll

C:\WINDOWS\system32\jkhhg.dll Has been deleted!

 

Performing Repairs to the registry.

Done!

 

 

Ensuite j'ai relancé HijackThis comme indiqué et voici le rapport >

 

Logfile of HijackThis v1.99.1

Scan saved at 23:49:35, on 20/02/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Tablet.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE

C:\Program Files\Softwin\BitDefender9\vsserv.exe

C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program Files\Logitech\iTouch\iTouch.exe

C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

C:\Program Files\Winamp\Winampa.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe

C:\Program Files\Softwin\BitDefender9\bdoesrv.exe

C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe

C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\PROGRA~1\MSNMES~1\msnmsgr.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\WINDOWS\system32\WTablet\TabUserW.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\djé\Bureau\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O2 - BHO: (no name) - {8017C23B-5F0E-4001-A609-878E5E0AF00B} - C:\WINDOWS\system32\jkhhg.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll

O2 - BHO: (no name) - {C7F47017-0A96-4600-8C65-FDDFAFE0E997} - C:\WINDOWS\system32\xxyaaxx.dll (file missing)

O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\djytghof.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE

O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe

O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe

O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe"

O4 - HKLM\..\Run: [bDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [LDM] \Program\

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe

O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{37115BBE-7155-4A16-85F3-C42E6BAF38EE}: NameServer = 212.27.53.252,212.27.54.252

O18 - Protocol: bw+0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {FF742A62-9154-4FD4-872C-1ABDD4F27B14} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: winipo32 - winipo32.dll (file missing)

O20 - Winlogon Notify: xxyaaxx - xxyaaxx.dll (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)

O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\RealVNC\WinVNC\winvnc.exe" -service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

 

J'espère que tu vas me donner des bonnes nouvelles...? :P

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonsoir KdTcA, Bruce Lee :P

 

En attendant le retour de Bruce Lee, va dans ajout/suppression de programmes et désinstalle toutes ces versions de Java (obsolètes, inutiles et contenant des failles de sécurité).

 

Java version is 1.4.2.3

 

Java version is 1.4.2.5

 

Java version is 1.5.0.2

 

Java version is 1.5.0.4

 

Java version is 1.5.0.6

 

Java version is 1.5.0.9

 

Tant qu'on parle de console Java, autant régler ce problème de suite :P

 

Ta console Java n'est pas à jour; pour corriger cela, va chez Java Sun et télécharge la dernière version.

 

Après installation et redémarrage, va dans le panneau de configuration/Ajouter-Supprimer des programmes afin de désinstaller l'ancienne version, ceci pour récupérer de l'espace disque et éventuellement pour virer les failles présentes dans cette ancienne version. (update 10)

 

Retourne alors chez Java ci-dessus et clique sur le bouton "Vérifier l'installation" pour t'assurer que tout est en ordre.

 

 

Je te laisse entre les mains expertes de Bruce Lee.

bruce lee Devil Member !

bruce lee

Posté(e)
Posté(e)

Bonjour KdTcA, Apo :P

 

Si durant la procédure ci-dessous, il y a des étapes que tu n'as pas reussi a faire, merci de continuer la procédure jusqu'au bout et de les signaler dans ta prochaine reponse.

 

Je te conseille d'enregistrer la page web compléte sous Internet Explorer comme ceci :

 

* Clique sur Fichier/Enregistrer sous Dans Type, choisis : Archive web (fichier seul (*.mht) / Enregistre la sur le bureau,comme cela tu retrouvera la mise en forme ou imprime cette réponse. Une partie de la désinfection se déroulera en mode sans échec.

 

 

1/ Lance AVG Anti Spyware puis clique sur Mise à jour

Ferme le programme.

 

 

 

2/Démarre en mode sans échec http://www.sosordi.net/Faq/Faq.2.html

 

 

3/lance hijackthis en cliquant sur do a scan system only et coche ces lignes:

 

O2 - BHO: (no name) - {8017C23B-5F0E-4001-A609-878E5E0AF00B} - C:\WINDOWS\system32\jkhhg.dll (file missing)

O2 - BHO: (no name) - {C7F47017-0A96-4600-8C65-FDDFAFE0E997} - C:\WINDOWS\system32\xxyaaxx.dll (file missing)

O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\djytghof.dll (file missing)

toutes les lignes 018 sauf les deux dernieres

O20 - Winlogon Notify: winipo32 - winipo32.dll (file missing)

O20 - Winlogon Notify: xxyaaxx - xxyaaxx.dll (file missing)

 

Ferme toutes les fenêtres ouvertes sauf Hijackthis et clique sur fix checked

 

 

4/ Relance AVG AS puis choisis l'onglet Analyse

Puis l'onglet Paramètres

Sous la question Comment réagir ?, clique sur Actions recommandées et choisis Quarantaine

Reclique sur l'onglet Analyse puis réalise une Analyse complète du système

 

Si un fichier infecté est détecté en fin d'analyse

Clique sur Appliquer toutes les actions

 

Clique sur Enregistrer le rapport puis sur Enregistrer le rapport sous

Enregistre ce fichier texte sur ton bureau

 

 

5/Redémarre en mode normal

 

6/Poste le rapport d'AVG Anti spyware 7.5 ainsi qu'un nouveau log Hijackthis.

 

Bon courage, et si tu as la moindre question n'hésite surtout pas :P

 

@+

Invité KdTcA

Invité KdTcA

Posté(e)
Posté(e)

Et si je l'ai déjà fait je le refait quand même?

 

Parce que depuis mon dernier scan AVG en mode sans échec sans restauration système, j'ai plus d'alertes, plus de pages internet qui rament ou qui s'ouvrent n'importe quand, même si VundoFix a trouvé des fichiers néfastes...

 

 

:P

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...