Sujet Précédent Sujet Suivant

[razespyware]

Fermé
gabrielol Messages postés 15 Date d'inscription dimanche 22 janvier 2006 Statut Membre Dernière intervention 24 janvier 2006 - 22 janv. 2006 à 20:16
gabrielol Messages postés 15 Date d'inscription dimanche 22 janvier 2006 Statut Membre Dernière intervention 24 janvier 2006 - 22 janv. 2006 à 20:36
Bonjour,

J'ai suivi les conseils pour les personnes ayant été infectés par razespyware et je souhaiterais que quelqu'un analyse mon rapport
merci d'avance


SmitFraudFix v2.15

Rapport fait à 0:34:39,10 le 20/01/2006
Executé à partir de C:\Documents and Settings\Propri‚taire\Mes documents\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\system32\MTC.dll supprimé
C:\WINDOWS\system32\MTC.ini supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport

1 réponse

Réponse 1 / 1
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 2 162
22 janv. 2006 à 20:29
Salut !

ça me parait propre !

pour être sure :

Telecharde ceux-ci :

http://www.infos-du-net.com/telecharger/HijackThis.html = lien
http://pageperso.aol.fr/balltrap34/demohijack.htm = démo
( Merci à balltrap )

Choisis l'option "do a scan and a logfile", il va te générer un rapport, copie et colle sur le forum.

ptite question : c'était quoi tes sympthomes ?

@+
0
gabrielol Messages postés 15 Date d'inscription dimanche 22 janvier 2006 Statut Membre Dernière intervention 24 janvier 2006
22 janv. 2006 à 20:36
Logfile of HijackThis v1.99.1
Scan saved at 20:31:26, on 22/01/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Norton Personal Firewall\NISUM.EXE
c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\shdocie.exe
C:\Program Files\ErrorSafe\ers.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\LVComS.exe
C:\WINDOWS\System32\shell386.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Propriétaire\Mes documents\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://shdocie.dll/blank.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://voila.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: winapi32.MyBHO - {7A533235-A128-434B-9F8A-9300A544D191} - C:\WINDOWS\System32\winapi32.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [FA Page] C:\WINDOWS\system32\shdocie.exe home
O4 - HKLM\..\Run: [ErrorSafe] C:\Program Files\ErrorSafe\ers.exe /scan
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Norton Personal Firewall.lnk = C:\Program Files\Norton Personal Firewall\nisfirst.exe
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O18 - Protocol: bw+0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {11DE85FD-DD52-47DD-83EA-2B32CF89C2A5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\NISUM.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Mes symptomes (toujours existant) c'est fond d'ecran rouge avec razespyware dessus et impossibilité de le supprimer, il revient toujours

Merci pour la réponse
0