Derniers tutoriels :
Sondage :
Publicité
Derniers articles :
virus or not virus ?? - Version imprimable +- Forums d'entraide informatique - Les forums de PCW (http://forum.pcinfo-web.com) +-- Forum : Forum Informatique (/forumdisplay.php?fid=39) +--- Forum : Sécurité Informatique (/forumdisplay.php?fid=2) +--- Discussion : virus or not virus ?? (/showthread.php?tid=1481) |
- Alberto - 24-07-2007 12:38 PM ActiveScan n'a rien désinfecté : Citation :Outil indésirable:Application/KillApp.B No Désinfecté C:\hp\bin\KillIt.exe - Troll - 24-07-2007 12:41 PM Oops... Excuses moi Cheinsow, fatigue... Supprimes le fichier manuellement en faisant shift + suppr en te rendant à l'adresse du fichier Ensuite, il me semble que tu dispose déjà du programme hijackthis ? Si oui, crées un dossier nommé "hjt" dans C:\. Mets-y l'éxécutable à partir duquel tu labnce hijackthis. Ferme tous les programmes et coupe ta connexion internet. Lance hijactkhis. Clique sur "do a system scan and save a log file". Quandle bloc note est ouvert, tu copie ce qu'il y a dedans et tu nous le colles sur le forum (là tu as le droit de te reconnecter ). Voilà - Alberto - 24-07-2007 12:59 PM me revoila ! Logfile of HijackThis v1.99.1 Scan saved at 15:55:03, on 24/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\HP\KBD\KBD.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\VCOM\SYSTEM~1\MXTask.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\PROGRA~1\VCOM\SYSTEM~1\mxtask.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe c:\windows\system\hpsysdrv.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\SYSTEM~1\MemCheck.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [L07FXLRD_17902796] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: bw+0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {E6236065-7E85-40EA-8FD8-8CAB1FA7D939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe O23 - Service: SystemSuite Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\SYSTEM~1\MXTask.exe Avant de supprimer "KillIt.exe", j'ai regardé, il a été créé le 27/06/2006 à 14:30 comme bcp de fichiers contenus dans c:\hp\bin\ sachant que j'avais pas ce pc a cette date, ca voudrais dire que le trojan était fourni avec le pc ? (je l'ai acheté neuf...) - Troll - 24-07-2007 14:01 PM Très bien. Pour le fichier KillIt.exe, laisse-le. Ensuite : Redémarre en mode sans echech (pour se faire, tapotes la touche F8 juste avant l'affichage du logo de windows XP puis choisis "démarrage en mode sans echec). Ensuite tu lance hijactkhis. Puis tu cliques sur "do a system scan only". Ensuite tu coche les cases suivantes : Citation :R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 Puis tu cliques sur "fix checked". S'il te met un message, tu répond OK. Une fois fini, tu redémarre en mode normal. (tu ne fais rien au démarrage, donc). Tu regardes si tu as de quelconques disfonctionnement (surtout webcam, souris...) et tu me dis si tu en as ou pas. En mode sans echec tu n'auras pas internet, il est donc vivement conseillé d'imprimer ce que je t'ai dit, à moins que tu n'aies une mémoire bien supérieure à tout ce que l'on connait actuellement... - Alberto - 24-07-2007 14:37 PM Pour KillIt.exe, à l'heure qu'il est il n'est plus sur mon pc ... J'en viens aux lignes 018 de mon log, je n'oserais pas te contredire, mais les lignes comportant "Logitech" sont apparues suite a mon changement de souris, il y a 1 semaine ou 2 ... Est-ce que je dois réellement les supprimer ? virus or not virus ?? - Troll - 25-07-2007 20:05 PM Si tu as bien créé un dossier ou tu as mis hijackthis, et tu que tu fais précisément ce que je t'ai dit, tu peux sans problème. Justement, je te demande "si tu as des disfonctionnement" entre autre pour ces lignes... En général on peut les virer mais si disfonctionnement il y a, alors on les restaure (hijackthis permet ça). |