Sujet Précédent Sujet Suivant

Connexion très très lente

chubaca -  
hisaeh Messages postés 2745 Statut Membre -
Bonjour,

Quelqu'un peut-il m'aider ?

Ma connexion internet est devenue très lente, c'est à dire que pour afficher une page quelconque il faut attendre entre 30s et 1min.
En sachant que je suis en ADSL 6 méga.
Je suis avec une livebox ethernet qui a toujours bien fonctionnée.

Merci de pouvoir me donner des réponses de réparation.
A voir également:

26 réponses

  • 1
  • 2
Réponse 1 / 26
Giniii Messages postés 231 Statut Membre 21
 
Essaye de redemarrer ta box.
Et attends quelques heures.
0
Réponse 2 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Bonjour,

A ] Pour essayer de récupérer une bonne connexion, verifie les points suivants :

1) Demarrer, panneau de configuration, connexions reseau et internet, options internet.
Puis dans l'onglet connexion, cliquer en bas sur parametres réseau, et verifier que sous Serveur proxy, la case est décochée. Et relancer le navigateur pour tester.

2) Si cela ne suffit pas, verifier les parametres du protocole tcp/ip :
Demarrer, panneau de configuration, connexions reseau et internet, connexion reseau, puis clique droit sur ta connexion et propriétés.
Là, dans l'onglet Général, derouler jusqu'à Protocole tcp/ip, le mettre en surbrillance en cliquant une fois dessus, puis cliquer sur propriétés en dessous.
Là, verifier que Obtenir une adresse IP automatiquement et Obtenir les adresses serveur DNS sont cochés

3) Si cela ne suffit pas, faire Demarrer, puis Executer, saisir :
services.msc
puis ok.
Ensuite, aller à Client DNS, faire clic droit puis propriétés, puis passer le type de demarrage en Manuel
Appliquer et tester la navigation.

4) Enfin, vider le cache DNS :

Demarrer, executer, puis saisir CMD
A l'invite de commande, saisir : ipconfig /flushdns (en respectant l'espace avant le /)
et faire entrée.

B] Sinon, fais ce qui suit pour voir ce qu'il en est :

Télécharges et installes le logiciel HijackThis :

ICI

- Double-clique sur HJTInstall afin de lancer l'installation.

- Clique sur Install ensuite sur I Accept.

- Clique sur Do a system scan and save a logfile.

- Le bloc-notes s'ouvrira, fais un copier/coller de tout son contenu ici dans ton prochain message.
0
chubaca
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:33:56, on 26/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\cqqauay.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [cqqauay] "c:\windows\system32\cqqauay.exe" cqqauay
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cycling Manager 2007 no-binding Drivers Auto Removal (pr2alxec) (pr2alxec) - Cyanide - C:\WINDOWS\system32\pr2alxec.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0
Réponse 3 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Ok, fais ceci :

Télécharges sur le bureau
http://www.commentcamarche.net/telecharger/telechargement 34056239 navilog

= Double-Clic navilog1 qui est sur le bureau
= Appuyer sur une touche jusqu' arriver aux options
= Choisir option 1
ne pas utiliser les autres sans avis , il peut y avoir des processus légitimes

un rapport : fixnavi.txt
dans ==> C :
le copier/coller dans la réponse
0
chubaca
 
j'arrive à cet écran :

1 : recherche
2 : desinfection automatique
3 : etc ....


Que dois-je faire ?
0
chubaca > chubaca
 
..\MessengerSkinner trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\Mika\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Mika\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Mika\locals~1\applic~1" *



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\Lanconfig

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cqqauay"="\"c:\\windows\\system32\\cqqauay.exe\" cqqauay"


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

cqqauay.exe trouvé !
cqqauay.dat trouvé !
cqqauay_nav.dat trouvé !
cqqauay_navps.dat trouvé !
ukgym.dat trouvé !
ukgym_nav.dat trouvé !
ukgym_navps.dat trouvé !

* Dans "C:\Documents and Settings\Mika\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 26/03/2009 à 17:21:37,39 ***


Voila le rapport.
0
chubaca
 
Ok j'ai pris la fonction 1 recherche
0
abi
 
Search Navipromo version 3.7.6 commencé le 28/03/2009 à 11:11:12,65

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : 686P0 v1.10
USER : rachid ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1335 [VPS 090327-0] 4.8.1335 (Activated)


A:\ (USB)
C:\ (Local Disk) - NTFS - Total:18 Go (Free:5 Go)
D:\ (Local Disk) - NTFS - Total:4 Go (Free:3 Go)
E:\ (Local Disk) - NTFS - Total:18 Go (Free:5 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)


Recherche executé en mode normal


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\rachid\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\rachid\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\rachid\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\rachid\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"sseqm"="\"c:\\documents and settings\\rachid\\local settings\\application data\\sseqm.exe\" sseqm"


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\rachid\locals~1\applic~1" :

sseqm.exe trouvé !
sseqm.dat trouvé !
sseqm_nav.dat trouvé !
sseqm_navps.dat trouvé !

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 28/03/2009 à 11:20:32,15 ***
0
Réponse 4 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Ok, maintenant redemarre en mode sans echec (tapote F8 au demarrage de l'ordi, et dans le menu proposé, choisis mode sans echec)

Ensuite relance Navilog et choisis l'option 2

Ensuite, poste le rapport ici.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 26
chubaca
 
Clean Navipromo version 3.7.6 commencé le 26/03/2009 à 22:42:29,00

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Default System BIOS
USER : Mika ( Administrator )
BOOT : Fail-safe boot

Antivirus : avast! antivirus 4.8.1335 [VPS 090326-0] 4.8.1335 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:189 Go (Free:73 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)

Mode suppression automatique
avec prise en charge résultats Catchme et GNS

Nettoyage executé en mode sans échec

*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *

* Suppression dans "C:\Documents and Settings\Mika\locals~1\applic~1" *

*** Suppression dossiers dans "C:\WINDOWS" ***

*** Suppression dossiers dans "C:\Program Files" ***

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\Mika\applic~1" ***

...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !

*** Suppression dossiers dans "C:\Documents and Settings\Mika\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\Mika\menudm~1\progra~1" ***

*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Mika\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans "C:\WINDOWS\system32" *

cqqauay.exe trouvé !
Copie cqqauay.exe réalisée avec succès !
cqqauay.exe supprimé !

cqqauay.dat trouvé !
Copie cqqauay.dat réalisée avec succès !
cqqauay.dat supprimé !

cqqauay_nav.dat trouvé !
Copie cqqauay_nav.dat réalisée avec succès !
cqqauay_nav.dat supprimé !

cqqauay_navps.dat trouvé !
Copie cqqauay_navps.dat réalisée avec succès !
cqqauay_navps.dat supprimé !

ukgym.dat trouvé !
Copie ukgym.dat réalisée avec succès !
ukgym.dat supprimé !

ukgym_nav.dat trouvé !
Copie ukgym_nav.dat réalisée avec succès !
ukgym_nav.dat supprimé !

ukgym_navps.dat trouvé !
Copie ukgym_navps.dat réalisée avec succès !
ukgym_navps.dat supprimé !

* Dans "C:\Documents and Settings\Mika\locals~1\applic~1" *

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***

*** Nettoyage terminé le 26/03/2009 à 22:44:56,43 ***

Voila le rapport.
0
Réponse 6 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Bien, un bon ménage de fait...
Fais ceci maintenant :
Télécharge Ad-Remover (de C_XX) sur ton Bureau.
http://sd-1.archive-host.com/membres/up/16506160323759868/AD­-R.exe

/!\ Déconnecte toi et ferme toutes les applications en cours /!\

● Double clique (clic droit...)sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-remover située sur ton Bureau
● Au menu principal choisis l'option "A"
● Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report(date).log )

0
Réponse 7 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Télécharge AD-Remover de C_XX sur ton Bureau :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

Ferme toutes les applications en cours, y compris ton navigateur *.
Désactive ton antivirus.

Double-clique sur AD-R.exe et installe-le dans le répertoire par défaut. ( C:\Program files )

Double clique sur l'icône Ad-remover
https://i75.servimg.com/u/f75/11/05/93/83/ad-r10.jpg

Au menu principal choisis l'option A

Poste le rapport qui apparait à la fin du scan.
Il est sauvegardé ici : C:\Ad-report(date).log

* Process.exe, un composant de l'outil, est détecté par certains antivirus, (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
C'est pourquoi il faut désactiver provisoirement ton antivirus.
0
Réponse 8 / 26
chubaca
 
------- LOGFILE OF AD-REMOVER 1.1.2.3 | ONLY XP/VISTA -------

Updated by C_XX on 27/03/2009 at 20:30
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

Start at: 13:07:26, Sam 28/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: PERRIER
Current User: Mika - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 45

+-----------------| Boonty/Boonty Games Elements Found:

Service: Boonty Games
.
HKCU\Software\Boonty
HKLM\Software\Boonty
HKLM\System\ControlSet001\Services\Boonty Games
HKLM\System\CurrentControlSet\Services\Boonty Games
HKLM\System\ControlSet003\Services\Boonty Games
.
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Found:

.

+-----------------| Infected Poker Softwares Elements Found:

HKCU\Software\Casino Tropez
HKCU\Software\Grand Virtual
HKCU\Software\pacificpoker
HKCU\Software\Poker 770
HKCU\Software\pokerinstaller
HKCU\Software\Titan Poker
HKLM\Software\Casino Tropez
HKLM\Software\Poker 770
HKLM\Software\Titan Poker
HKU\S-1-5-21-746137067-115176313-725345543-1004\Software\Titan Poker
.
C:\Program Files\PacificPoker

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}
.

+-----------------| It's TV Elements Found:

.

+-----------------| Sweetim Elements Found:

HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKCR\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKCR\MediaPlayer.GraphicsUtils
HKCR\MediaPlayer.GraphicsUtils.1
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKCU\Software\SweetIM
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\MediaPlayer.GraphicsUtils
HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1
HKLM\Software\Classes\MgMediaPlayer.GifAnimator
HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5549C19D-46FE-4975-AD54-5B37E87FF6E2}
HKLM\Software\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Sweetim
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCR\Installer\Products\D91C9455EF645794DA45B5738EF76F2E
HKLM\Software\Classes\Installer\Products\D91C9455EF645794DA45B5738EF76F2E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\D91C9455EF645794DA45B5738EF76F2E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\2c8c89b.msi
C:\Program Files\SweetIM
C:\Documents and Settings\Mika\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\searchplugins\sweetim.xml
C:\Documents and Settings\Mika\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Documents and Settings\Mika\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\SweetIMToolbarData
C:\Documents and Settings\All Users\Application Data\SweetIM

============ Other Adwares Found ============

.
HKCR\WUSN.1
HKCU\Software\VB and VBA Program Settings\eurobarre
HKLM\Software\Classes\WUSN.1
.
C:\Documents and Settings\Mika\Cookies\mika@atdmt[2].txt
C:\Documents and Settings\Mika\Cookies\mika@bs.serving-sys[2].txt

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: rxntye41.default (Mika)
.
Prefs.js: Browser.Search.DefaultEngineName: "SweetIM Search"
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "SweetIM Search"
Prefs.js: Browser.Search.SelectedEngine: "Yahoo"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://search.sweetim.com/search.asp?src=2&q="
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
(Prefs.js) FOUND: user_pref("browser.search.defaultenginename", "SweetIM Search");
(Prefs.js) FOUND: user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
(Prefs.js) FOUND: user_pref("browser.search.selectedEngine", "SweetIM Search");
(Prefs.js) FOUND: user_pref("keyword.URL", "https://search.sweetim.com/search.asp?src=2&q=");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.mode.debug", "false");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Google");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Yahoo");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.previous.browser.startup.homepage", "https://www.msn.com/fr-fr");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.previous.keyword.URL", "https://search.yahoo.com/web?fr=vmn");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.search.history.capacity", "10");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.simapp_id", "{E7D482A8-A601-11DD-9CD9-00138F7CC2FD}");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.urls.homepage", "https://home.sweetim.com/");
(Prefs.js) FOUND: user_pref("sweetim.toolbar.version", "1.0.0.8");
.
.
.
.

---- Internet Explorer Version 6.0.2900.2180 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.orange.fr/
First Home Page: hxxp://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1

+-[HKEY_USERS\S-1-5-21-746137067-115176313-725345543-1004\..\Internet Explorer\Main]

Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.orange.fr/
First Home Page: hxxp://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.google.com/ie
Search bar: hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

+---------------------------------------------------------------------------+

12700 Byte(s) - C:\Ad-Report-Scan-28.03.2009.log

0 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
0 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 13:13:56 | 28/03/2009
.
+-----------------| E.O.F - 180 Lines

Voici le rapport
.
0
Réponse 9 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Eh ben avec tout cela, ça devrait aller mieux apres un bon nettoyage de printemps :

Déconnectes toi et fermes toutes applications en cours !

* Relances "Ad-remover" : au menu principal choisi l'option "B" . clean
puis option A (supprimer tout )

--> le programme va travailler ...

* Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...

( le rapport est sauvegardé aussi sous C:\Ad-report.log )

/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\

0
Réponse 10 / 26
chubaca
 
------- LOGFILE OF AD-REMOVER 1.1.2.3 | ONLY XP/VISTA -------

Updated by C_XX on 27/03/2009 at 20:30
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

**** LIMITED TO ****

Boonty/BoontyGames
Eorezo
Infected Poker Softwares
FunWebProduct/MyWay/MyWebSearch
It's TV
Sweetim
Other Adwares

********************

Start at: 12:09:41, Dim 29/03/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: PERRIER
Current User: Mika - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 44

(!) ---- IE start pages/Tabs reset

+-----------------| Boonty/Boonty Games Elements Deleted :

Service: "Boonty Games"
.
HKCU\Software\Boonty
HKLM\Software\Boonty
HKLM\System\ControlSet003\Services\Boonty Games
.
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Deleted :

.

+-----------------| Infected Poker Softwares Elements Deleted :

HKCU\Software\Casino Tropez
HKCU\Software\Grand Virtual
HKCU\Software\pacificpoker
HKCU\Software\Poker 770
HKCU\Software\pokerinstaller
HKCU\Software\Titan Poker
HKLM\Software\Casino Tropez
HKLM\Software\Poker 770
HKLM\Software\Titan Poker
.
C:\Program Files\PacificPoker

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Deleted :

.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}
.

+-----------------| It's TV Elements Deleted :

.

+-----------------| Sweetim Elements Deleted :

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Sweetim
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKCR\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKCR\MediaPlayer.GraphicsUtils
HKCR\MediaPlayer.GraphicsUtils.1
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKCU\Software\SweetIM
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5549C19D-46FE-4975-AD54-5B37E87FF6E2}
HKLM\Software\SweetIM
HKCR\Installer\Products\D91C9455EF645794DA45B5738EF76F2E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\D91C9455EF645794DA45B5738EF76F2E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\2c8c89b.msi
/!\ NOT DELETED - C:\Program Files\SweetIM
/!\ NOT DELETED - C:\Program Files\SweetIM\Messenger
/!\ NOT DELETED - C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll
/!\ NOT DELETED - C:\Program Files\SweetIM\Messenger\msvcr71.dll
C:\Documents and Settings\Mika\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\searchplugins\sweetim.xml
C:\Documents and Settings\Mika\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Documents and Settings\Mika\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\SweetIMToolbarData
C:\Documents and Settings\All Users\Application Data\SweetIM

============ Other Adwares Deleted ============

.
HKCR\WUSN.1
HKCU\Software\VB and VBA Program Settings\eurobarre
.
C:\Documents and Settings\Mika\Cookies\mika@atdmt[2].txt
C:\Documents and Settings\Mika\Cookies\mika@bs.serving-sys[2].txt

----- Complementary cleaning + Heuristic... -----

...Finished!

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.

************* /!\ FILE(S)/FOLDER(S) NOT DELETED /!\ *************

"C:\Program Files\SweetIM\Messenger"
"C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll"
"C:\Program Files\SweetIM\Messenger\msvcr71.dll"

Second run ...

/!\ RESIST ! - "C:\Program Files\SweetIM\Messenger"
/!\ RESIST ! - "C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll"
/!\ RESIST ! - "C:\Program Files\SweetIM\Messenger\msvcr71.dll"

+-----------------| Added Scan :

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: rxntye41.default (Mika)
.
Prefs.js: Browser.Search.DefaultEngineName: "SweetIM Search"
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "SweetIM Search"
Prefs.js: Browser.Search.SelectedEngine: "Yahoo"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://search.sweetim.com/search.asp?src=2&q="
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
(Prefs.js) REMOVED: user_pref("browser.search.defaultenginename", "SweetIM Search");
(Prefs.js) REMOVED: user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
(Prefs.js) REMOVED: user_pref("browser.search.selectedEngine", "SweetIM Search");
(Prefs.js) REMOVED: user_pref("keyword.URL", "https://search.sweetim.com/search.asp?src=2&q=");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.mode.debug", "false");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Google");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Yahoo");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.previous.browser.startup.homepage", "https://www.msn.com/fr-fr");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.previous.keyword.URL", "https://search.yahoo.com/web?fr=vmn");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.search.history.capacity", "10");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.simapp_id", "{E7D482A8-A601-11DD-9CD9-00138F7CC2FD}");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.urls.homepage", "https://home.sweetim.com/");
(Prefs.js) REMOVED: user_pref("sweetim.toolbar.version", "1.0.0.8");
.
.
.
.

---- Internet Explorer Version 6.0.2900.2180 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+-[HKEY_USERS\S-1-5-21-746137067-115176313-725345543-1004\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

13286 Byte(s) - C:\Ad-Report-Clean-29.03.2009.log
12942 Byte(s) - C:\Ad-Report-Scan-28.03.2009.log

1 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
4 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 12:18:19 | 29/03/2009
.
+-----------------| E.O.F - 196 Lines
.
Voila le rapport.
0
Réponse 11 / 26
chubaca
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:36:28, on 29/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cycling Manager 2007 no-binding Drivers Auto Removal (pr2alxec) (pr2alxec) - Cyanide - C:\WINDOWS\system32\pr2alxec.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0
Réponse 12 / 26
chubaca
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:36:28, on 29/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cycling Manager 2007 no-binding Drivers Auto Removal (pr2alxec) (pr2alxec) - Cyanide - C:\WINDOWS\system32\pr2alxec.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0
Réponse 13 / 26
chubaca
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:36:28, on 29/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Dream Poker - {D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - C:\Microgaming\Poker\dreampokerMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {10889422-F787-47DE-8D78-530BCF08043B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cycling Manager 2007 no-binding Drivers Auto Removal (pr2alxec) (pr2alxec) - Cyanide - C:\WINDOWS\system32\pr2alxec.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0
Réponse 14 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Est-ce que ton ordi va mieux ?

SweetIM par contre ne se laisse pas faire le coquin...fais ceci :

• Télécharge OTMoveIt3 (de OldTimer) sur ton Bureau : http://oldtimer.geekstogo.com/OTMoveIt3.exe
• Double-clique sur OTMoveIt3.exe afin de le lancer.
• Copie/colle le texte suivant dans le cadre « Paste Instructions for Items to be Moved » et clique sur Moveit :

:processes
explorer.exe

:files
C:\Program Files\SweetIM

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]

• Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES.
• Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles
Le nom du rapport correspond au moment de sa création : date_heure.log
0
Réponse 15 / 26
chubaca
 
Pour l'instant mon ordinateur est toujours aussi lent.
0
Réponse 16 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Ca n'est pas une bonne nouvelle....
0
Réponse 17 / 26
chubaca
 
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Program Files\SweetIM\Messenger moved successfully.
C:\Program Files\SweetIM moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Mika\LOCALS~1\Temp\etilqs_YPC6FWBFTbRXTH1yKuIV scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Mika\LOCALS~1\Temp\~DF2315.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Mika\LOCALS~1\Temp\~DF2328.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Mika\LOCALS~1\Temp\~DF94DB.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Mika\LOCALS~1\Temp\~DF9520.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_680.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.9.0 log created on 03302009_130625

Files moved on Reboot...
File C:\DOCUME~1\Mika\LOCALS~1\Temp\etilqs_YPC6FWBFTbRXTH1yKuIV not found!
File C:\DOCUME~1\Mika\LOCALS~1\Temp\~DF2315.tmp not found!
File C:\DOCUME~1\Mika\LOCALS~1\Temp\~DF2328.tmp not found!
File C:\DOCUME~1\Mika\LOCALS~1\Temp\~DF94DB.tmp not found!
File C:\DOCUME~1\Mika\LOCALS~1\Temp\~DF9520.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_680.dat moved successfully.
C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxntye41.default\XUL.mfl moved successfully.
0
Réponse 18 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Mvouais, suspect tout ça...

Tu télécharges MalwareBytes.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Tu l'installes. Choisis les options par défaut.
A la fin de l’installation, il te sera demandé de mettre à jour MalwareBytes et de l’exécuter .

Dans l’onglet Recherche, sélectionne Exécuter un examen rapide.
Clique sur recherche. Tu ne sélectionnes que les disques durs de l’ordinateur.
Clique sur lancer l’examen.

A la fin de la recherche, Comme il est demandé, clique sur afficher les résultats de la recherche.
Choisis alors Supprimer la selection pour nettoyer les infections.
Tu postes le rapport dans ton prochain message.

Si tu ne le retrouves pas, ouvre MalwareBytes et regarde dans l’onglet Rapport/logs. Il y est.
Clique dessus et choisir ouvrir.

0
Réponse 19 / 26
chubaca
 
Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1921
Windows 5.1.2600 Service Pack 3

31/03/2009 00:38:35
mbam-log-2009-03-31 (00-38-35).txt

Type de recherche: Examen rapide
Eléments examinés: 68580
Temps écoulé: 4 minute(s), 13 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 36
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 17
Fichier(s) infecté(s): 11

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\udcpchk.udcpchk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\udcpchk.udcpchk.1 (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\winpgintegrator.ieintegrator (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\winpgintegrator.ieintegrator.1 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{53e0b6e8-a51d-448b-b692-40b67b285543} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\WinPGI.DLL (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fopn (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.24 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.26 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\SystemDoctor 2006 Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\SystemDoctor 2006 Free\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\DriveCleaner 2006 Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\err.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\SystemDoctor 2006 Free\Logs\update.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mika\Application Data\DriveCleaner 2006 Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.

Voici le rapport.
0
Réponse 20 / 26
hisaeh Messages postés 2745 Statut Membre 572
 
Incroyable....c'est un véritable bouillon de culture ce Pc...

Bon, on va passer un coup de Toolbar pour verifier, et après on passe à l'artillerie lourde :

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
0

Discussions similaires

Impossible d'ouvrir certains sites (JAVA)
ELISE8000 -
titicris58 -

4 réponses
Problème 4g : ma Free mobile a un débit très lent
Problmedbit -
brupala -

12 réponses
Formaté mais pas de connexion Internet ?
VissErale -
VissErale -

4 réponses
Impossible d'établir la connexion a NVIDIA.
AFD31 -
emile -

34 réponses
Connexion limitée TV en Wifi
FSamba -
Wouaf -

21 réponses