Help, several problems on my PC
coco2571
Hello,
Could someone take a look at my HijackThis log, because I have several problems on my computer: Internet Explorer no longer displays videos (for example YouTube) or images. I regularly played game demos on the Big Fish Games site, and I can no longer open the games. Also, I can no longer open the System Restore page; a blank, empty page opens with no way to restore. As for the Internet Explorer problem, I am now using Mozilla Firefox, but I would like to go back to Internet Explorer.
Thank you for your help, I hope to find a solution quickly. Here is my HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13:29, on 03/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\STK014_V2.01\STK014M.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\coralie dethiere\Local Settings\Temporary Internet Files\Content.IE5\JDR4YNI9\HiJackThis[1].exe
C:\WINDOWS\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
O2 - BHO: EoRezoBHO - {64f56fc1-1272-44cd-ba6e-39723696e350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {a057a204-bacc-4d26-9990-79a187e2698e} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: STK014 PNP Monitor.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: Wireless 802.11g USB Adapter.lnk = C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: add to google photos screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\coralie dethiere\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Alice ADSL - {8011D8BD-181C-440F-8586-24D71D3E6ED4} - https://portail.free.fr/ (file missing) (HKCU)
O11 - Options group: [java_sun] Java (Sun)
O14 - IERESET.INF: START_PAGE_URL=https://portail.free.fr/
O16 - DPF: {0cca191d-13a6-4e29-b746-314dee697d83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5d6f45b3-9043-443d-a792-115447494d24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67dabfbf-d0ab-41fa-9c46-cc0f21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {f8c5c0f1-d884-43eb-a5a0-9e1c4a102fa8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: bw+0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: offline-8876480 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device (apple mobile device) - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: add to google photos screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\coralie dethiere\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Alice ADSL - {8011D8BD-181C-440F-8586-24D71D3E6ED4} - https://portail.free.fr/ (file missing) (HKCU)
O11 - Options group: [java_sun] Java (Sun)
O14 - IERESET.INF: START_PAGE_URL=https://portail.free.fr/
O16 - DPF: {0cca191d-13a6-4e29-b746-314dee697d83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5d6f45b3-9043-443d-a792-115447494d24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67dabfbf-d0ab-41fa-9c46-cc0f21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {f8c5c0f1-d884-43eb-a5a0-9e1c4a102fa8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: bw+0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: offline-8876480 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device (apple mobile device) - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
51 replies
First of all, EOZERO infection:
* On Vista: ▶ Disable User Account Control (you will re-enable it after your disinfection):
* Click Start, then Control Panel
* Double-click the "User Accounts" icon
* Then click disable and confirm.
* Restart the PC
▶ Download the installation file and save it to your desktop:
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
▶ installation tutorial
▶ scan tutorial
/!\ Do not run the cleanup right away /!\
▶ Double-click the installer and install it in its default location (the desktop).
▶ Open the Ad-remover folder on your desktop
▶ Double-click Ad-remover.bat.
* On Vista: right-click AD-Remover and select "Run as administrator"
▶ At the main menu, choose option "A"
▶ Post the report that appears at the end.
(the report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note:
Process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
Download Ad-remover (by C_XX) to your desktop:
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
! Disconnect and close all running applications !
* Double-click "Ad-R.exe" to start the installation and leave the installation settings at their defaults.
* Double-click the Ad-remover shortcut on your desktop to launch the tool.
* At the main menu, choose option "A" and press [Enter].
Let the tool work and do not touch anything ...
--> Post the report that appears at the end, on the forum ...
(The report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
Help with screenshots (installation): http://pagesperso-orange.fr/FindyKill.Ad.Remover/ad_r_instal.html
Help with screenshots (scan): http://pagesperso-orange.fr/FindyKill.Ad.Remover/ad_r_recherche.html
Thanks, here is the AD-REMOVER report:
------- LOGFILE OF AD-REMOVER 1.1.3.5 | ONLY XP/VISTA -------
Updated by C_XX on 03/05/2009 at 11:10
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
Start at: 13:39:36, 03/05/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: ACER-0912CA301A
Current User: coralie dethiere - Administrator
Drive(s):
============ Known Adwares Found ============
.
HKCU\Software\Trymedia Systems
HKLM\Software\Trymedia Systems
.
+-----------------| Eorezo Elements Found:
HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\Software\EoRezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\EoRezo
HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Program Files\EoRezo
C:\Documents and Settings\coralie dethiere\Application Data\EoRezo
+-----------------| It's TV Elements Found:
HKCU\Software\ItsLabel
HKLM\Software\ItsLabel
HKU\S-1-5-21-2162064257-3298542676-3932346683-1006\Software\ItsLabel
.
C:\Documents and Settings\coralie dethiere\Application Data\ItsLabel
+-----------------| Sweetim Elements Found:
HKCR\CLSID\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKCR\SWEETIE.IEToolbar
HKCR\SWEETIE.IEToolbar.1
HKCR\SWEETIE.SWEETIE
HKCR\SWEETIE.SWEETIE.1
HKCR\ToolBand.SWEETIE
HKCR\ToolBand.SWEETIE.1
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Classes\SWEETIE.IEToolbar
HKLM\Software\Classes\SWEETIE.IEToolbar.1
HKLM\Software\Classes\SWEETIE.SWEETIE
HKLM\Software\Classes\SWEETIE.SWEETIE.1
HKLM\Software\Classes\ToolBand.SWEETIE
HKLM\Software\Classes\ToolBand.SWEETIE.1
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\CLSID\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
+-----------------| Added Scan:
---- Mozilla FireFox Version 3.0.10 ----
ProfilePath: xozso6bn.default (coralie dethiere)
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
.
.
.
.
---- Internet Explorer Version 8.0.6001.18702 ----
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Start page: hxxp://fr.msn.com/?ocid=iehp
[HKEY_USERS\S-1-5-21-2162064257-3298542676-3932346683-1006\..\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Start page: hxxp://fr.msn.com/?ocid=iehp
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://ieframe.dll/tabswelcome.htm
+---------------------------------------------------------------------------+
4897 Byte(s) - C:\Ad-Report-Scan-03.05.2009.log
End at: 14:01:34 | 03/05/2009
.
+-----------------| E.O.F
.
! Disconnect and close all running applications !
● cleaning tutorial
● Relaunch "Ad-remover": at the main menu choose option "B".
● On the selection screen, tick:
0. Suppression Adwares Connus (removal of known adware)
2. Suppression Eorezo (removal of Eorezo)
3. Suppression It's TV (removal of It's TV)
4. Suppression Sweetim (removal of Sweetim)
● Type the number corresponding to the requested removal and confirm with ENTER to tick it.
● Then choose "S"; the program will do its work.
● Post the report that appears at the end.
(the report is also saved under C:\Ad-report(date).log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
/!\ If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm
Thanks again, here is the cleaning report:
------- LOGFILE OF AD-REMOVER 1.1.3.5 | ONLY XP/VISTA -------
Updated by C_XX on 03/05/2009 at 11:10
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
**** LIMITED TO ****
Known Adwares
Eorezo
It's TV
Sweetim
********************
Start at: 17:07:37, 03/05/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: ACER-0912CA301A
Current User: coralie dethiere - Administrator
Drive(s):
(!) ---- IE start pages/Tabs reset
============ Known Adwares Deleted ============
.
HKCU\Software\Trymedia Systems
HKLM\Software\Trymedia Systems
.
+-----------------| Eorezo Elements Deleted :
HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\Software\EoRezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Program Files\EoRezo
C:\Documents and Settings\coralie dethiere\Application Data\EoRezo
+-----------------| It's TV Elements Deleted :
HKCU\Software\ItsLabel
HKLM\Software\ItsLabel
.
C:\Documents and Settings\coralie dethiere\Application Data\ItsLabel
+-----------------| Sweetim Elements Deleted :
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCR\CLSID\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKCR\SWEETIE.IEToolbar
HKCR\SWEETIE.IEToolbar.1
HKCR\SWEETIE.SWEETIE
HKCR\SWEETIE.SWEETIE.1
HKCR\ToolBand.SWEETIE
HKCR\ToolBand.SWEETIE.1
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+-----------------| Added Scan :
---- Mozilla FireFox Version 3.0.10 ----
ProfilePath: xozso6bn.default (coralie dethiere)
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
.
.
.
.
---- Internet Explorer Version 8.0.6001.18702 ----
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start page: hxxp://fr.msn.com/?ocid=iehp
[HKEY_USERS\S-1-5-21-2162064257-3298542676-3932346683-1006\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start page: hxxp://fr.msn.com/?ocid=iehp
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://ieframe.dll/tabswelcome.htm
+---------------------------------------------------------------------------+
Next, do this for me:
To begin: do a quick cleanup of the computer and the registry with CCleaner; read the CCleaner tutorial carefully.
Download GenProc to your desktop.
Double-click GenProc.exe
and post the contents of the report that opens after the question "are you being helped by someone?", to which you answer yes. Thanks.
If there is no .txt report, look on the desktop; there should be a GenProc icon that links to the procedure online.
See how to use GenProc
For those on Vista, do not forget to disable User Account Control
IMPORTANT: Post the GenProc procedure and do nothing else for now (instructions often have to be added to the indicated procedure for it to work perfectly)
OK then, do this for me:
▶ Download Malwarebytes' Anti-Malware
▶ A tutorial will be available to help you install and use it correctly.
▶ Update the software (this normally happens during installation)
▶ Run a full scan by clicking "Exécuter un examen complet" (perform full scan)
▶ Select the drives you want to scan and click "Lancer l'examen" (start scan)
▶ The scan can take quite a while.....
▶ Once the scan is finished, click "OK" then "Afficher les résultats" (show results)
▶ Check that everything is ticked and click "Supprimer la sélection" (remove selected) => and then "OK"
▶ A report will open in Notepad... Copy and paste the report into your next reply on the forum
* Some files may have to be deleted when the PC restarts... Do so by clicking "oui" (yes) when asked
Thank you very much, here is the Malwarebytes' Anti-Malware report.
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2078
Windows 5.1.2600 Service Pack 3
05/05/2009 18:13:48
mbam-log-2009-05-05 (18-13-48).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 190067
Temps écoulé: 56 minute(s), 54 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\asc3550o (Rootkit.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\TDSSlxwp.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSkkai.log (Trojan.TDSS) -> Quarantined and deleted successfully.
Ah, that's quite something; empty the malware quarantine and do this for me:
To begin: do a quick cleanup of the computer and the registry with CCleaner; read the CCleaner tutorial carefully.
Download SUPERAntiSpyware (SAS)
Choose "enregistrer" (save) and save it to your desktop.
Double-click the installer icon that has just been created and follow the instructions.
Create a desktop icon.
Double-click the SAS icon (a head inside a crossed-out red circle) to launch it.
- If the tool asks you to update the program ("update the program definitions"), click yes.
- Under Configuration and Preferences, click the "Preferences" button
- Click the "Scanning Control" tab
- In "Scanner Options", make sure the box in front of the following lines is ticked:
Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining
- Leave the other lines unticked.
- Click the "Close" button to leave the control center screen.
- In the main window, under "Scan for Harmful Software", click "Scan your computer".
In the left column, tick C:\Fixed Drive.
In the right column, under "Complete scan", click "Perform Complete Scan"
Click "next" to start the scan. Wait while the scan runs.
At the end of the scan, a results window opens. Click OK.
Make sure all the lines in the white window are ticked and click "Next".
Everything that was found will be quarantined. If you are asked to restart the computer ("reboot"), click Yes.
To copy the information to the forum, do this:
- after the computer restarts, double-click the icon to launch SAS.
- Click "Preferences" then the "Statistics/Logs" tab.
- Under "scanners logs", double-click SuperAntiSpyware Scan Log.
- The report will open in your default text editor.
- Copy its contents into your reply.
Read the SuperAntiSpyware tutorial carefully; it is very well explained.
Here is the SAS report:
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/
Generated 05/06/2009 at 03:08 PM
Application Version : 4.26.1002
Core Rules Database Version : 3879
Trace Rules Database Version: 1827
Scan type : Complete Scan
Total Scan Time : 01:13:21
Memory items scanned : 642
Memory threats detected : 0
Registry items scanned : 5757
Registry threats detected : 6
File items scanned : 96392
File threats detected : 3
Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\clsid
HKCR\Install.Install\curver
HKCR\Install.Install.1
HKCR\Install.Install.1\clsid
Adware.UpMedia/SearchTool
HKU\S-1-5-21-2162064257-3298542676-3932346683-1006\Software\UptownInstaller
Adware.Tracking Cookie
C:\Documents and Settings\LocalService\Cookies\system@track.espaceclient[1].txt
Adware.MobiSwing
C:\PROGRAM FILES\SECURED IE\SECP.EXE
Trojan.Unknown Origin
C:\WINDOWS\SYSTEM32\TDSSMTVD.DAT
I also noticed that the web page is slow to open; I don't know if it's necessary to tell you this, but anyway..
Delete what SAS found, then do this for me:
Download AVPTool
The page that greets you generally lists the 12 most recently generated versions. Look carefully at the time and date shown in the software's name to determine which is the most recent. Download it without hesitation to your PC's desktop. Double-click it to start the installation.
Warning: AVPTool (just like other tools of the same kind such as Antivir, BitDefender Free, etc.) is not a protection. It is a detector and cleaner of infections already present on the PC. To protect yourself effectively against modern threats such as Drive-by Downloads, Stage Downloads, Banking Trojans and Webstorms, you need genuine security suites such as Kaspersky Antivirus 8.0 (KAV) or Kaspersky Internet Security 8.0 (KIS).
AVPTool runs on Windows 2000, XP and Vista 32-bit. It must not be used on machines already equipped with KAV 8.0 or KIS 8.0.
Thank you very much, here is the Kaspersky report:
Scan
----
Scanned: 533140
Detected: 7
Untreated: 0
Start time: 08/05/2009 17:35:56
Duration: 02:14:19
Finish time: 08/05/2009 19:50:15
Detected
--------
Status Object
------ ------
deleted: Trojan program Trojan-Downloader.WMA.GetCodec.c File: C:\Documents and Settings\coralie dethiere\Mes documents\FrostWire\Incomplete\Preview-T-3545425-vivre en creuver lopera rock.mp3
deleted: Trojan program Trojan-Downloader.WMA.GetCodec.u File: C:\Documents and Settings\coralie dethiere\Mes documents\FrostWire\Incomplete\Preview-T-6472385-suite et fin emmanuel moire.mp3
deleted: Trojan program Trojan-Downloader.WMA.GetCodec.c File: C:\Documents and Settings\coralie dethiere\Mes documents\FrostWire\Incomplete\T-3545425-vivre en creuver lopera rock.mp3
deleted: Trojan program Trojan-Downloader.WMA.GetCodec.u File: C:\Documents and Settings\coralie dethiere\Mes documents\FrostWire\Incomplete\T-5313983-vivre en creuver lopera rock 320k.mp3
deleted: Trojan program Trojan-Downloader.WMA.GetCodec.u File: C:\Documents and Settings\coralie dethiere\Mes documents\FrostWire\Incomplete\T-6472385-suite et fin emmanuel moire.mp3
deleted: Trojan program Trojan-Downloader.WMA.GetCodec.v File: C:\Documents and Settings\coralie dethiere\Mes documents\FrostWire\Saved\promis emmanuel moire(Disk 1).mp3
deleted: adware not-a-virus:AdWare.Win32.Cres.a File: C:\Program Files\STK014_V2.01\STK014D.exe
Events
------
Time Name Status Reason
---- ---- ------ ------
08/05/2009 17:36:23 Running module: smss.exe\smss.exe ok scanned
08/05/2009 17:36:25 File: C:\WINDOWS\System32\smss.exe ok scanned
08/05/2009 17:36:25 Running module: smss.exe\ntdll.dll ok scanned
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
Well, well, there were quite a few trojans in there.
Now do this:
Download RemoveIT Pro
Run a scan and post the full log report for me.
At the end of the first scan, if it asks to run a full scan, say yes, and at the end of the second scan, if viruses were found, click Fix to clean out the viruses found.
Thanks, I ran both RemoveIT Pro scans and fixed the 7 items detected, but I can't manage to post the full log report: it is displayed but I can't copy it in order to post it :(
OK, no problem; if you have already removed the 7 viruses, that's good. Now do this to check that there are no more viruses:
▶ Disable your antivirus
▶ Go to this site: https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr (with Internet Explorer only)
▶ At the bottom right, click Start Online-scanner
▶ In the new window that appears, click I accept
▶ Accept the ActiveX controls
▶ Choose My Computer for the scan.
▶ Once it has finished, save the report (choose text file) and post it in your next reply.
▶ For help with using the online scan, see this tutorial
NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée" (the Kaspersky On-line Scanner licence has expired), go to Add/Remove Programs, uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.
Hello, I can't get the Kaspersky online scan to start. When I'm on the site where you have to click Start Online-scanner at the bottom right, nothing happens, nothing starts. Internet Explorer has had some minor problems working for a while now, so that may be the cause.
Try this one:
Run an online scan with Internet Explorer
Go to this site: https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
Here is a tutorial
Merci ,me revoilà , je suis désolé d'avoir mis autant de temps avant de vous répondre mais j'ai du m'absenter quelques jours alors que ce n'était pas prévus. Voila donc le rapport de panda active scan : j'ai juste scanné , je n'est rien désinfecté pour le moment: ;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-05-15 16:08:44
PROTECTIONS: 1
MALWARE: 5
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
avast! antivirus 4.8.1335 [VPS 090514-0] 4.8.1335 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\All Users\Application Data\Arovax\Antispyware\quarantine\archive 07.06.2008 13-43-53.dat
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\coralie dethiere\Cookies\coralie_dethiere@weborama[1].txt
00477195 Trj/KillAV.JK Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP655\A0142445.scr
00590315 Rootkit/Agent.LNB HackTools No 0 Yes No C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP655\A0142411.sys
02990320 Application/BoontyGames HackTools Yes 0 Yes No C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
Let's remove this one first; the rest will be removed at the end during cleanup:
02990320 Application/BoontyGames HackTools Yes 0 Yes No C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
Remove Boonty.exe
Start button => Run... => Type: services.msc
In the panel that opens, look for: Boonty Games
Double-click it => Startup type: Disabled => below that, Stop, then OK
Delete BOONTY Shared, which is located in C:\Program Files\Fichiers communs\
If you get an error message because the process is still active, do it again in Safe Mode.
Restart and run HijackThis to check that there is no longer any line with Boonty.exe
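The last step of the post above (rerun HijackThis and confirm that no line mentions Boonty.exe) can be checked mechanically. The following is an added example, not part of the original thread: a small Python parser for the HijackThis v2.0.2 log layout that also matches the 8.3 short-path form seen in these logs (such as `PROGRA~1\FICHIE~1`). The sample log, the `helper.dll` BHO line, the service vendor field and all function names are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample in the HijackThis v2.0.2 layout, as a log might look
# BEFORE the Boonty service is removed. Not taken from the thread.
SAMPLE_BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:46:33, on 15/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\WINDOWS\Explorer.EXE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\PROGRA~1\FICHIE~1\BOONTY~1\helper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
"""

# The same constructed log with every Boonty line gone (the expected "after" state).
SAMPLE_AFTER = "\n".join(
    l for l in SAMPLE_BEFORE.splitlines() if "boonty" not in l.lower()
)

# Coded entries look like "O23 - Service: ..." or "R0 - HKLM\...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")


@dataclass
class Hit:
    section: str  # "process" or a HijackThis code such as "O23"
    line_no: int  # 1-based line number in the log
    text: str


def parse_log(text):
    """Split a log into running-process paths and coded entries."""
    processes, entries = [], []
    in_processes = False
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = ENTRY_RE.match(line)
        if m:
            in_processes = False  # the process list ends at the first coded entry
            entries.append((m.group(1), line_no, m.group(2)))
        elif line.lower().startswith("running processes"):
            in_processes = True
        elif in_processes:
            processes.append((line_no, line))
    return processes, entries


def short_prefix(name):
    """Usual 8.3 alias prefix for a long name: first 6 chars without spaces, then '~'.

    Heuristic only: after several name collisions Windows switches to a hashed alias.
    """
    base = name.rsplit(".", 1)[0] if "." in name else name
    if len(base) <= 8 and " " not in name:
        return None  # already a valid 8.3 name, so no alias exists
    return base.replace(" ", "")[:6].lower() + "~"


def needles_for(names):
    """Lower-cased search strings: each name plus its 8.3 prefix, if it has one."""
    out = []
    for name in names:
        out.append(name.lower())
        sp = short_prefix(name)
        if sp:
            out.append(sp)
    return out


def find_leftovers(text, names):
    """Return every running process or coded entry that still mentions one of `names`."""
    needles = needles_for(names)
    processes, entries = parse_log(text)
    hits = [Hit("process", no, p) for no, p in processes
            if any(n in p.lower() for n in needles)]
    hits += [Hit(code, no, body) for code, no, body in entries
             if any(n in body.lower() for n in needles)]
    return hits


def summarize(hits):
    """Map the hits onto the removal steps given in the post."""
    sections = {h.section for h in hits}
    if not hits:
        return "clean"
    if "process" in sections:
        return "running"             # still active: retry the deletion in Safe Mode
    if "O23" in sections:
        return "service-registered"  # service entry remains: disable it in services.msc
    return "residual-entries"        # only leftover registry or browser references


if __name__ == "__main__":
    for label, log in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        hits = find_leftovers(log, ["Boonty.exe", "BOONTY Shared"])
        print(label, summarize(hits))
        for h in hits:
            print(f"  line {h.line_no} [{h.section}] {h.text}")
```

Searching for the folder name as well as the file name matters because a reference written with a short path would not contain the string `BOONTY Shared`.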
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:46:33, on 15/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\STK014_V2.01\STK014M.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\coralie dethiere\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - (no file)
O2 - BHO: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {a057a204-bacc-4d26-9990-79a187e2698e} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: STK014 PNP Monitor.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: Wireless 802.11g USB Adapter.lnk = C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: add to google photos screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\coralie dethiere\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Alice ADSL - {8011D8BD-181C-440F-8586-24D71D3E6ED4} - https://portail.free.fr/ (file missing) (HKCU)
O11 - Options group: [java_sun] Java (Sun)
O14 - IERESET.INF: START_PAGE_URL=https://portail.free.fr/
O16 - DPF: {0cca191d-13a6-4e29-b746-314dee697d83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5d6f45b3-9043-443d-a792-115447494d24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67dabfbf-d0ab-41fa-9c46-cc0f21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {f8c5c0f1-d884-43eb-a5a0-9e1c4a102fa8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: bw+0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: offline-8876480 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device (apple mobile device) - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:46:33, on 15/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\STK014_V2.01\STK014M.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\coralie dethiere\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - (no file)
O2 - BHO: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {a057a204-bacc-4d26-9990-79a187e2698e} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: STK014 PNP Monitor.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: Wireless 802.11g USB Adapter.lnk = C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: add to google photos screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\coralie dethiere\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Alice ADSL - {8011D8BD-181C-440F-8586-24D71D3E6ED4} - https://portail.free.fr/ (file missing) (HKCU)
O11 - Options group: [java_sun] Java (Sun)
O14 - IERESET.INF: START_PAGE_URL=https://portail.free.fr/
O16 - DPF: {0cca191d-13a6-4e29-b746-314dee697d83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5d6f45b3-9043-443d-a792-115447494d24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67dabfbf-d0ab-41fa-9c46-cc0f21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {f8c5c0f1-d884-43eb-a5a0-9e1c4a102fa8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: bw+0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: offline-8876480 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device (apple mobile device) - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
We're going to do a cleanup in 2 parts:
First, this:
Run HijackThis again, but this time just click on do a scan, then select the lines below, then,
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - (no file)
O2 - BHO: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
O2 - BHO: (no name) - {a057a204-bacc-4d26-9990-79a187e2698e} - (no file)
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\coralie dethiere\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Alice ADSL - {8011D8BD-181C-440F-8586-24D71D3E6ED4} - https://portail.free.fr/ (file missing) (HKCU)
O16 - DPF: {0cca191d-13a6-4e29-b746-314dee697d83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/
O16 - DPF: {f8c5c0f1-d884-43eb-a5a0-9e1c4a102fa8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
Click the FIX CHECKED button at the bottom and confirm.
2- Restart the computer.
(important so that some of the changes made with HijackThis take effect)
Then a new HijackThis log.
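The fix-then-rescan check described in the post above, as an added Python example that is not part of the thread: it parses HijackThis entries, lists those the tool marks `(no file)` or `(file missing)`, and compares a log taken before the fix with one taken after. The sample lines are a subset copied from the 16:46 and 19:59 logs in this thread; the function names are assumptions of this example.

```python
import re

# A HijackThis entry starts with a section code (R0, O2, O23, ...) followed by " - ".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the registered target is not on disk.
ORPHAN_MARKERS = ("(no file)", "(file missing)")

# Subset of the log saved at 16:46:33 (before the fix), copied from the thread.
BEFORE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - (no file)
O2 - BHO: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {a057a204-bacc-4d26-9990-79a187e2698e} - (no file)
"""

# Subset of the log saved at 19:59:32 (after the fix and reboot), copied from the thread.
AFTER_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
"""


def parse_entries(log_text):
    """Return one dict per section entry; header lines and process paths are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        body = match.group("body")
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": match.group("code"),
            "body": body,
            # CLSID case varies between sections of the same log, so normalise it.
            "clsid": clsid.group(0).upper() if clsid else None,
            "orphan": any(marker in body for marker in ORPHAN_MARKERS),
        })
    return entries


def orphans(entries):
    """Entries whose registered file HijackThis could not find."""
    return [e for e in entries if e["orphan"]]


def entry_key(entry):
    """Identity of an entry across two scans: section code plus CLSID, else the full body."""
    return (entry["code"], entry["clsid"] or entry["body"])


def removed_between(before, after):
    """Entries present in the first scan and absent from the second."""
    after_keys = {entry_key(e) for e in after}
    return [e for e in before if entry_key(e) not in after_keys]


if __name__ == "__main__":
    before, after = parse_entries(BEFORE_LOG), parse_entries(AFTER_LOG)
    print("Orphaned before the fix:")
    for e in orphans(before):
        print("  ", e["code"], e["clsid"])
    print("Removed by the fix:")
    for e in removed_between(before, after):
        print("  ", e["code"], e["clsid"])
    print("Orphaned entries still registered after the fix:")
    for e in orphans(after):
        print("  ", e["code"], e["clsid"])
```
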
There you go,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:32, on 15/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\STK014_V2.01\STK014M.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\coralie dethiere\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: STK014 PNP Monitor.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: Wireless 802.11g USB Adapter.lnk = C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: add to google photos screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O14 - IERESET.INF: START_PAGE_URL=https://portail.free.fr/
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5d6f45b3-9043-443d-a792-115447494d24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67dabfbf-d0ab-41fa-9c46-cc0f21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: offline-8876480 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device (apple mobile device) - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
O18 - Protocol: bwb0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: offline-8876480 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device (apple mobile device) - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
Run HijackThis again, but this time just click on do a scan, then select the following lines:
O18 - Protocol: bw+0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
Click the FIX CHECKED button at the bottom and confirm.
2- Restart the computer.
(important so that some of the changes made with HijackThis are taken into account)
Then this:
Download ToolsCleaner to your Desktop:
* Double-click ToolsCleaner2.exe and let it work
* Click on Recherche (Search) and let the scan finish.
* Click on Suppression (Removal) to finalize.
* You can, if you wish, use the Options facultatives (optional settings).
* Click on Quitter (Quit) so that the report can be created.
* The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it in your reply
Then this:
to check whether your PC is up to date:
http://www.filehippo.com/updatechecker/UpdateChecker.exe (note: some of the software linked for updates may be in English; in that case, look for the French version)
Here is a tutorial
Above all, do not install beta versions for software updates and the like.
And to finish:
Purging System Restore
*Disable System Restore:
Right-click My Computer / Properties / System Restore / check the box to turn off System Restore, Apply, OK
---> Restart your PC ...
*Re-enable System Restore:
Right-click My Computer / Properties / System Restore / uncheck the box to turn off System Restore, Apply, OK
---> Restart your PC ...
(Note: you can also get there via Control Panel -> "System" -> "System Restore".)
XP tutorial: http://service1.symantec.com/
Vista tutorial: Disable and re-enable your System Restore
So, you should keep the following software that was downloaded for the disinfection:
- SAS, if there is room on the computer (run a scan from time to time)
- CCleaner: definitely keep it and run the cleanup often
- Malware: definitely keep it (run a scan from time to time)
- Update Checker: definitely keep it and run a scan to check for available updates
- APV TOOL (Kaspersky): delete
- Tools cleaner: delete
- Remove It pro: delete
- If USB fix, ask me about removing it.
O18 - Protocol: bw+0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {76FD49E5-C3C4-4C27-BAF0-FF05F34F7660} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
Click the FIX CHECKED button at the bottom and confirm.
2- Restart the computer.
(important so that some of the changes made with HijackThis take effect)
Then this:
Download ToolsCleaner to your Desktop:
* Double-click ToolsCleaner2.exe and let it work
* Click Recherche (Search) and let the scan finish.
* Click Suppression (Removal) to finalize.
* You can, if you wish, use the Options facultatives (optional settings).
* Click Quitter (Quit) so that the report can be created.
* The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it in your reply
Then this:
to see whether your PC is up to date:
http://www.filehippo.com/updatechecker/UpdateChecker.exe (note that some of the software linked for updates may be in English; in that case look for the French version)
Here is a tutorial
Above all, do not install beta versions for software updates and the like.
And to finish:
Purging System Restore
*Disable System Restore:
Right-click My Computer / Properties / System Restore / tick the box to turn off System Restore, Apply, OK
---> Restart your PC ...
*Re-enable System Restore:
Right-click My Computer / Properties / System Restore / untick the box to turn off System Restore, Apply, OK
---> Restart your PC ...
(Note: you can also get there via Control Panel -> "System" -> "System Restore".)
XP tutorial: http://service1.symantec.com/
Vista tutorial: Disable and re-enable System Restore
So you should keep the following programs that were downloaded for the disinfection:
- SAS if there is room on the computer (run a scan from time to time)
- CCleaner: definitely keep, and run the cleanup often
- Malware: definitely keep (run a scan from time to time)
- Update Checker: definitely keep, and run a scan to check for available updates
- APV TOOL (Kaspersky): delete
- ToolsCleaner: delete
- Remove It Pro: delete
- If USB fix, ask me about removing it.
Here is the ToolsCleaner report:
[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]
--> Recherche:
C:\GenProc: trouvé !
C:\Documents and Settings\coralie dethiere\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\coralie dethiere\Bureau\hijackthis.log: trouvé !
C:\Documents and Settings\coralie dethiere\Local Settings\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe: trouvé !
C:\Documents and Settings\coralie dethiere\Mes documents\Msnfix.zip: trouvé !
C:\Documents and Settings\coralie dethiere\Mes documents\MsnFix: trouvé !
C:\Documents and Settings\coralie dethiere\Mes documents\MSNFix\MsnFix: trouvé !
C:\GenProc\Page\GenProc[*].html: trouvé !
C:\Program Files\Ad-remover: trouvé !
C:\Program Files\Ad-remover\TOOLS\BACKUP\Ad-R.exe: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !
C:\WINDOWS\system32\*.msnfix: trouvé !
---------------------------------
--> Suppression:
C:\Documents and Settings\coralie dethiere\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\coralie dethiere\Local Settings\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe: supprimé !
C:\Documents and Settings\coralie dethiere\Mes documents\Msnfix.zip: supprimé !
C:\Program Files\Ad-remover\TOOLS\BACKUP\Ad-R.exe: supprimé !
C:\Documents and Settings\coralie dethiere\Bureau\hijackthis.log: supprimé !
C:\GenProc\Page\GenProc[*].html: ERREUR DE SUPPRESSION !!
C:\WINDOWS\msnfix.txt: supprimé !
C:\WINDOWS\system32\*.msnfix: ERREUR DE SUPPRESSION !!
C:\GenProc: supprimé !
C:\Documents and Settings\coralie dethiere\Mes documents\MsnFix: supprimé !
C:\Program Files\Ad-remover: supprimé !
I still don't see any improvement in my computer's problems, apart from all the viruses that could be removed. Is that normal?
These will have to be deleted manually:
C:\GenProc\Page\GenProc[*].html: ERREUR DE SUPPRESSION !!
C:\WINDOWS\system32\*.msnfix: ERREUR DE SUPPRESSION !!
Next, how did the updates go?
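The check the reply above does by eye, as an added example (not part of the thread or of ToolsCleaner): a Python parser for the report layout quoted in this thread that matches each `trouvé` line against its `supprimé` / `ERREUR DE SUPPRESSION` outcome. The sample is an abridged copy of the posted report with the profile name replaced by `user`; the function names and status labels are this example's own.

```python
from pathlib import PureWindowsPath

# Abridged copy of the report posted in the thread; the profile name is
# replaced by the placeholder "user". Layout assumed from that report only.
REPORT = r"""[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]
--> Recherche:
C:\GenProc: trouvé !
C:\Documents and Settings\user\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\user\Mes documents\MsnFix: trouvé !
C:\Documents and Settings\user\Mes documents\MSNFix\MsnFix: trouvé !
C:\GenProc\Page\GenProc[*].html: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !
C:\WINDOWS\system32\*.msnfix: trouvé !
---------------------------------
--> Suppression:
C:\Documents and Settings\user\Bureau\HijackThis.exe: supprimé !
C:\GenProc\Page\GenProc[*].html: ERREUR DE SUPPRESSION !!
C:\WINDOWS\msnfix.txt: supprimé !
C:\WINDOWS\system32\*.msnfix: ERREUR DE SUPPRESSION !!
C:\GenProc: supprimé !
C:\Documents and Settings\user\Mes documents\MsnFix: supprimé !
"""


def parse_report(text):
    """Return (found_paths, {path: 'deleted' | 'error'}) for one report."""
    found, outcome, section = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("-->"):
            # "--> Recherche:" / "--> Suppression:" open a section.
            section = line[3:].strip().rstrip(":").lower()
            continue
        if section is None or ": " not in line:
            continue  # banner, separator or blank line
        # Split on the LAST ": " because the path itself contains "C:".
        path, status = line.rsplit(": ", 1)
        key = PureWindowsPath(path)  # compares case-insensitively
        if section == "recherche" and status.startswith("trouvé"):
            found.append(key)
        elif section == "suppression":
            if status.startswith("ERREUR"):
                outcome[key] = "error"
            elif status.startswith("supprimé"):
                outcome[key] = "deleted"
    return found, outcome


def reconcile(text):
    """Map every found path to what the report says happened to it."""
    found, outcome = parse_report(text)
    deleted = {p for p, s in outcome.items() if s == "deleted"}
    statuses = {}
    for path in found:
        # True when some enclosing folder has its own "supprimé" line.
        parent_gone = any(parent in deleted for parent in path.parents)
        result = outcome.get(path)
        if result == "deleted":
            status = "deleted"
        elif result == "error":
            status = "failed, parent reported deleted" if parent_gone else "failed"
        else:
            # Found but never listed under Suppression.
            status = "via parent" if parent_gone else "unaccounted"
        statuses[str(path)] = status
    return statuses


def to_verify(text):
    """Paths to check on disk: failed deletions and entries with no outcome."""
    return [p for p, s in reconcile(text).items()
            if s.startswith("failed") or s == "unaccounted"]


if __name__ == "__main__":
    for path, status in reconcile(REPORT).items():
        print(f"{status:32} {path}")
```

Both wildcard entries come back from `to_verify`, matching the two lines singled out in the reply; the status only adds whether the report later claims the enclosing folder was removed, which still has to be confirmed on disk.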
Here is the Spybot report, but was it you, pimprenelle, who asked me to do it? In my e-mail it shows up under someone else's name and the message does not appear on the forum. To be safe I ran the Spybot scan as I was asked, but I did not click on fix the problems, so here is the full report:
--- Search result list ---
QuadRegistryCleaner: [SBI $5B22DD52] Dossier Programme (Répertoire, nothing done)
C:\Program Files\QUAD Utilities\
QuadRegistryCleaner: [SBI $82FD1943] Dossier Programme (Répertoire, nothing done)
C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\
Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Réglages (Modification du Registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
Microsoft.WindowsSecurityCenter.SP2Update: [SBI $D7D77116] Réglages (Modification du Registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DoNotAllowXPSP2
MegaUploadToolbar: [SBI $DA7EBDE6] Barre d'outils IE (Valeur du Registre, nothing done)
HKEY_USERS\S-1-5-21-2162064257-3298542676-3932346683-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}
MegaUploadToolbar: [SBI $4E8B9398] Réglages (Clé du Registre, nothing done)
HKEY_USERS\S-1-5-21-2162064257-3298542676-3932346683-1006\Software\AppDataLow\Software\MegauploadToolbar
MegaUploadToolbar: [SBI $998A0E3C] Exécutable (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper.exe
Properties.size=1060808
Properties.md5=091C0EE9E6ECDB072C4D420A745F5F16
Properties.filedate=1217882648
Properties.filedatetext=2008-08-04 22:44:08
MegaUploadToolbar: [SBI $395CBDB1] Dossier Programme (Répertoire, nothing done)
C:\Documents and Settings\All Users\Application Data\Megaupload\
MegaUploadToolbar: [SBI $EB10C2BD] Exécutable (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe
Properties.size=853960
Properties.md5=65B1AB57C58A687D90E88155C625A36D
Properties.filedate=1217882648
Properties.filedatetext=2008-08-04 22:44:08
MegaUploadToolbar: [SBI $F664B537] Exécutable (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierAPI.dll
Properties.size=854984
Properties.md5=E695454B2A2D85ED43040E7F9FDDAC58
Properties.filedate=1217882648
Properties.filedatetext=2008-08-04 22:44:08
MegaUploadToolbar: [SBI $1E82DC0D] Donnée (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierEN.lng
Properties.size=3547
Properties.md5=EEA268AB7810EB0342E9A4A6E02F02CC
Properties.filedate=1208466096
Properties.filedatetext=2008-04-17 23:01:36
MegaUploadToolbar: [SBI $1E82DC0D] Donnée (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierFR.lng
Properties.size=3698
Properties.md5=9DACE4478568FD2863A3C974F8CC7831
Properties.filedate=1208466358
Properties.filedatetext=2008-04-17 23:05:58
MegaUploadToolbar: [SBI $2E6D42A0] Dossier Programme (Répertoire, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\
MegaUploadToolbar: [SBI $6E406E65] Donnée (Fichier, nothing done)
C:\Documents and Settings\coralie dethiere\Application Data\EmailNotifier\EmailNotifier.xml
Properties.size=570
Properties.md5=E944BB414B79C4653C59EE1F0FDF2086
Properties.filedate=1225018065
Properties.filedatetext=2008-10-26 12:47:45
MegaUploadToolbar: [SBI $E467634D] Donnée (Fichier, nothing done)
C:\Documents and Settings\coralie dethiere\Application Data\EmailNotifier\EmailNotifier.xml.bak
Properties.size=570
Properties.md5=E944BB414B79C4653C59EE1F0FDF2086
Properties.filedate=1225018065
Properties.filedatetext=2008-10-26 12:47:45
MegaUploadToolbar: [SBI $43765A7F] Dossier Programme (Répertoire, nothing done)
C:\Documents and Settings\coralie dethiere\Application Data\EmailNotifier\
BlueStreak: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
MediaPlex: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
MediaPlex: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
MediaPlex: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
DoubleClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Adviva: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
AdRevolver: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
AdRevolver: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
FastClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
FastClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Statcounter: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
AdRevolver: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
AdRevolver: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
BurstMedia: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
BurstMedia: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
BurstMedia: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
WebTrends live: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
FastClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
FastClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-05-16 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-03-25 Includes\Adware.sbi (*)
2009-05-12 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-03-31 Includes\Dialer.sbi (*)
2009-05-12 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-04-21 Includes\Hijackers.sbi (*)
2009-05-12 Includes\HijackersC.sbi (*)
2009-05-06 Includes\Keyloggers.sbi (*)
2009-05-12 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-05-12 Includes\Malware.sbi (*)
2009-05-13 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-05-12 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-05-12 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-04-07 Includes\Spyware.sbi (*)
2009-05-12 Includes\SpywareC.sbi (*)
2009-04-07 Includes\Tracks.uti
2009-05-12 Includes\Trojans.sbi (*)
2009-05-13 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
/ Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ windows media encoder: Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
/ Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
/ Windows Media Player 11: Correctif pour Lecteur Windows Media 11 (KB939683)
/ Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
/ Windows Media Player 11: Mise à jour critique pour Lecteur Windows Media 11 (KB959772)
/ Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
/ Windows Media Player 9: Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)
/ Windows XP: Mise à jour de sécurité pour Windows XP (KB923689)
/ Windows XP: Mise à jour de sécurité pour Windows XP (KB941569)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
/ Windows XP / SP0: Correctif pour Windows Internet Explorer 7 (KB947864)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)
/ Windows XP / SP0: Mise à jour pour Windows Internet Explorer 8 (KB968220)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Windows XP Service Pack 3
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB923561)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB938464)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB938464-v2)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB946648)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB950760)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB950762)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB950974)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951066)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB951072-v2)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951376)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951376-v2)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951698)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951748)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB951978)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB952004)
/ Windows XP / sp4: Correctif pour Windows XP (KB952287)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB952954)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB953839)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB954211)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB954459)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB954600)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB955069)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB955839)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956391)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956572)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956802)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956803)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956841)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB957095)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB957097)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB958644)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB958687)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB958690)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB959426)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB960225)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB960715)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB960803)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB961373)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB961503)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB967715)
--- Startup entries list ---
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C
Located: HK_LM:Run, AppleSyncNotifier
command: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
file: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
size: 177472
MD5: 3C9C9DE765412F8CB483F115EE34B05D
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: FC242DBD786557AC641726DC5C13F060
Located: HK_LM:Run, BluetoothAuthenticationAgent
command: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
file: C:\WINDOWS\system32\bthprops.cpl
size: 110592
MD5: 2406501851B02B50A140690FFF45029E
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 290088
MD5: E6A4E341E4304B34AA280D3E73818C90
Located: HK_LM:Run, LXCGCATS
command: rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll
size: 73728
MD5: 6D9BFBE83F771B3121C66DE55B69DF8A
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 413696
MD5: 9C9B6807425CEF840C117654D8B033D1
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: A2D390F1F2408B94EF34BFE3A00C29D3
Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, msnmsgr
where: .DEFAULT...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3885408
MD5: 35B9FA77B73358D9063CD61AA3D83EE8
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run,
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, LDM
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 32768
MD5: 5588812731C64305F2579DD8215037E0
Located: HK_CU:Run, MsnMsgr
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command: "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
file: C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
size: 3885408
MD5: 35B9FA77B73358D9063CD61AA3D83EE8
Located: HK_CU:Run, Veoh
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command: "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
file: C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
size: 3660848
MD5: 940F87D23CB745ECB025B13953FC9F61
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-21-2162064257-3298542676-3932346683-500...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, MSMSGS
where: S-1-5-21-2162064257-3298542676-3932346683-500...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: E13EA4860E8F2AA845B53BFD2B6FEC5B
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, msnmsgr
where: S-1-5-18...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3885408
MD5: 35B9FA77B73358D9063CD61AA3D83EE8
Located: Démarrage (tous utilisateurs), BTTray.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
file: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
size: 499773
MD5: 5E02D2E0CD41F62A035B7A2BE46EB8C3
Located: Démarrage (tous utilisateurs), Logitech Desktop Messenger.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
size: 450560
MD5: 9C964C7C72FD732B1A0EEC80421EDAED
Located: Démarrage (tous utilisateurs), STK014 PNP Monitor.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\STK014_V2.01\STK014M.exe
file: C:\Program Files\STK014_V2.01\STK014M.exe
size: 151552
MD5: A866530D4CAAD63DE7E5F1F374360FB0
Located: Démarrage (tous utilisateurs), Windows Desktop Search.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Windows Desktop Search\WindowsSearch.exe
file: C:\Program Files\Windows Desktop Search\WindowsSearch.exe
size: 118784
MD5: 946467B375D696FA073A6B9370A4C6CE
Located: Démarrage (tous utilisateurs), Wireless 802.11g USB Adapter.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
file: C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
size: 425984
MD5: 0D261C0C64A8681CBC253766A981444F
Located: Démarrage (utilisateur), OpenOffice.org 3.0.lnk
where: C:\Documents and Settings\coralie dethiere\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\OpenOffice.org 3\program\quickstart.exe
file: C:\Program Files\OpenOffice.org 3\program\quickstart.exe
size: 384000
MD5: 9C8D9866C818AC54B71BE86B3193A1A3
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (scriptproxy)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: scriptproxy
CLSID name: scriptproxy
Path: c:\PROGRA~1\mcafee\VIRUSS~1\
Long name: scriptsn.dll
Short name:
Date (created): 21/03/2008 15:53:28
Date (last access): 16/05/2009 10:01:20
Date (last write): 09/01/2009 13:03:06
Filesize: 58688
Attributes: archive
MD5: D6083DE49452EAC68E9EA8364EC3AC4E
CRC32: 4CEF60B8
Version: 14.0.0.405
{9030d464-4c02-4abf-8ecc-5164760863c6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 22/01/2009 16:41:30
Date (last access): 16/05/2009 10:09:42
Date (last write): 22/01/2009 16:41:30
Filesize: 408448
Attributes: archive
MD5: B7899C3E21B299D7A3C0DA96CAE340BD
CRC32: 288935F8
Version: 5.0.818.5
{af69de43-7d58-4638-b6fa-ce66b5ad205d} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\
Long name: swg.dll
Short name:
Date (created): 24/02/2009 21:51:16
Date (last access): 16/05/2009 10:09:44
Date (last write): 24/02/2009 21:51:16
Filesize: 657904
Attributes: archive
MD5: 2C7C2CE12A0A07A36EDCBAAE469DC867
CRC32: 8A58975B
Version: 5.0.926.3450
{c84d72fe-e17d-4195-bb24-76c02e2e7c4e} (Google Dictionary Compression sdch)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Google Dictionary Compression sdch
CLSID name: Google Dictionary Compression sdch
Path: C:\Program Files\Google\Google Toolbar\Component\
Long name: fastsearch_219B3E1547538286.dll
Short name: FASTSE~1.DLL
Date (created): 24/02/2009 21:06:26
Date (last access): 16/05/2009 10:51:54
Date (last write): 24/02/2009 21:06:26
Filesize: 522224
Attributes: archive
MD5: E27153F524C86807079F62550094B073
CRC32: E181FF40
Version: 1.0.610.10250
{dbc80044-a445-435b-bc74-9c25c1c588a9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 14/01/2009 20:58:28
Date (last access): 16/05/2009 10:46:04
Date (last write): 09/03/2009 05:18:50
Filesize: 35840
Attributes: archive
MD5: 96A225C7F5346A9E81FC3DFA89A900C0
CRC32: BAD5D2EF
Version: 6.0.130.3
{e7e6f031-17ce-4c07-bc86-eabfe594f69c} (JQSIEStartDetectorImpl)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: JQSIEStartDetectorImpl
CLSID name: JQSIEStartDetectorImpl Class
Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
Long name: jqs_plugin.dll
Short name: JQS_PL~1.DLL
Date (created): 14/01/2009 20:58:32
Date (last access): 16/05/2009 10:40:48
Date (last write): 09/03/2009 05:18:52
Filesize: 73728
Attributes: archive
MD5: 53F8B53918C839F76367B7E612B742B1
CRC32: 735F7F91
Version: 6.0.130.3
--- ActiveX list ---
{20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class)
DPF name:
CLSID name: Checkers Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: msgrchkr.dll
Short name:
Date (created): 28/02/2007 14:21:04
Date (last access): 16/05/2009 10:40:40
Date (last write): 28/02/2007 14:21:04
Filesize: 131472
Attributes: archive
MD5: 1E5CFDF9AEBDD84305A4C8154277A269
CRC32: 73C871D0
Version: 9.5.7087.1
{5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class)
DPF name:
CLSID name: Solitaire Showdown Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: SolitaireShowdown.dll
Short name: SOLITA~1.DLL
Date (created): 28/02/2007 14:21:04
Date (last access): 16/05/2009 10:58:16
Date (last write): 28/02/2007 14:21:04
Filesize: 142248
Attributes: archive
MD5: 93F7304161C8CB7C335F99D9232BD347
CRC32: 91D38231
Version: 9.5.6986.1
{5d6f45b3-9043-443d-a792-115447494d24} (UnoCtrl Class)
DPF name:
CLSID name: UnoCtrl Class
Installer: C:\WINDOWS\Downloaded Program Files\GAME_UNO1.INF
Codebase: http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
description:
classification: Legitimate
known filename: unomsnger.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: GAME_UNO1.dll
Short name: GAME_U~1.DLL
Date (created): 28/09/2007 05:41:28
Date (last access): 16/05/2009 10:58:16
Date (last write): 28/09/2007 05:41:28
Filesize: 381960
Attributes: archive
MD5: 80F4A456633F78A26A3C6B16E64EFEC5
CRC32: 7DFC41A5
Version: 1.0.1201.1
{67dabfbf-d0ab-41fa-9c46-cc0f21721616} (DivXBrowserPlugin Object)
DPF name:
CLSID name: DivXBrowserPlugin Object
Installer: C:\WINDOWS\Downloaded Program Files\DivXPlugin.inf
Codebase: http://download.divx.com/player/DivXBrowserPlugin.cab
description:
classification: Legitimate
known filename: npdivx32.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\DivX\DivX Web Player\
Long name: npdivx32.dll
Short name:
Date (created): 21/11/2008 23:45:04
Date (last access): 16/05/2009 10:58:16
Date (last write): 21/11/2008 23:45:04
Filesize: 1332224
Attributes: archive
MD5: D19163C4794227D953AF0F136A59DE85
CRC32: 63D55368
Version: 1.4.2.7
{8ad9c840-044e-11d1-b3e9-00805f499d93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_13
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_13.dll
Short name: NPJPI1~1.DLL
Date (created): 09/03/2009 02:53:24
Date (last access): 16/05/2009 10:58:18
Date (last write): 09/03/2009 05:19:10
Filesize: 136600
Attributes: archive
MD5: 20188EB1790C5EB9057DDFE3EA138FC7
CRC32: 2EA1ACCF
Version: 6.0.130.3
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
description:
classification: Legitimate
known filename: MessengerStatsPAClient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~1.DLL
Date (created): 22/02/2007 23:41:12
Date (last access): 16/05/2009 10:58:18
Date (last write): 22/02/2007 23:41:12
Filesize: 304544
Attributes: archive
MD5: 8945CCA5FC4F25168E8B6F401EFAF51F
CRC32: 0F12FD23
Version: 9.5.6907.1
{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_05.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi160.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi160_01.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi160_02.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{cafeefac-0016-0000-0004-abcdeffedcba} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_04
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_04\bin\
Long name: npjpi160_04.dll
Short name: NPJPI1~1.DLL
Date (created): 14/12/2007 01:59:16
Date (last access): 16/05/2009 10:58:18
Date (last write): 14/12/2007 03:42:38
Filesize: 132496
Attributes: archive
MD5: 58A1C3B13CC79E76F66CA6F8FED3B36A
CRC32: A4EACB48
Version: 6.0.40.12
{cafeefac-0016-0000-0007-abcdeffedcba} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10/06/2008 02:32:34
Date (last access): 16/05/2009 10:58:18
Date (last write): 10/06/2008 04:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{cafeefac-0016-0000-0013-abcdeffedcba} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_13
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_13.dll
Short name: NPJPI1~1.DLL
Date (created): 09/03/2009 02:53:24
Date (last access): 16/05/2009 10:58:18
Date (last write): 09/03/2009 05:19:10
Filesize: 136600
Attributes: archive
MD5: 20188EB1790C5EB9057DDFE3EA138FC7
CRC32: 2EA1ACCF
Version: 6.0.130.3
{cafeefac-ffff-ffff-ffff-abcdeffedcba} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_13
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_13.dll
Short name: NPJPI1~1.DLL
Date (created): 09/03/2009 02:53:24
Date (last access): 16/05/2009 10:58:18
Date (last write): 09/03/2009 05:19:10
Filesize: 136600
Attributes: archive
MD5: 20188EB1790C5EB9057DDFE3EA138FC7
CRC32: 2EA1ACCF
Version: 6.0.130.3
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash10a.ocx
Short name:
Date (created): 05/10/2008 05:16:26
Date (last access): 16/05/2009 10:58:18
Date (last write): 05/10/2008 05:16:26
Filesize: 3789728
Attributes: archive
MD5: 466C1355934925768822E380DA6E6E4A
CRC32: 48EC1E52
Version: 10.0.12.36
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class)
DPF name:
CLSID name: Minesweeper Flags Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
description:
classification: Legitimate
known filename: MineSweeper.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MineSweeper.dll
Short name: MINESW~1.DLL
Date (created): 28/02/2007 14:21:04
Date (last access): 16/05/2009 10:58:18
Date (last write): 28/02/2007 14:21:04
Filesize: 130472
Attributes: archive
MD5: E661E91B5929632665683222D509D271
CRC32: 63A9B975
Version: 9.5.6986.1
--- Process list ---
PID: 0 ( 0) [System]
PID: 448 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 496 ( 448) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 520 ( 448) \??\C:\WINDOWS\system32\winlogon.exe
size: 512000
PID: 564 ( 520) C:\WINDOWS\system32\services.exe
size: 111104
MD5: C3FB1D70CB88722267949694BA51759E
PID: 576 ( 520) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB
PID: 728 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 784 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 852 ( 564) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 980 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1124 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1180 (1160) C:\WINDOWS\Explorer.EXE
size: 1037824
MD5: F2317622D29F9FF0F88AEECD5F60F0DD
PID: 1280 ( 564) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
size: 18752
MD5: B4253776EE034F6770FCEE32C28490B0
PID: 1336 ( 564) C:\Program Files\Alwil Software\Avast4\ashServ.exe
size: 138680
MD5: 62889D40A3FB1A9012428E16FE0DC67A
PID: 1580 ( 564) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: 460E4CE148BD07218DA0B6A3D31885A9
PID: 1636 ( 564) c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
size: 81920
MD5: 493B1D854F98D611CCA249014C6E631A
PID: 1916 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1948 ( 564) C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
size: 438272
MD5: 20BC7169B76BFD41CA21B3B82D501922
PID: 1964 ( 564) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 132424
MD5: A8AA9D47F971570A5162B862B80F87E8
PID: 2008 ( 564) C:\Program Files\Bonjour\mDNSResponder.exe
size: 238888
MD5: 3F56903E124E820AEECE6D471583C6C1
PID: 2024 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 168 ( 564) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
size: 135168
MD5: 09EAE9824FBBB881E7B4D9F5CAFD24F0
PID: 228 ( 564) C:\Program Files\Java\jre6\bin\jqs.exe
size: 152984
MD5: 890369AED0DDE1A98F09F7DC239CA2BD
PID: 344 ( 564) c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
size: 359952
MD5: 5A8D1ACD2070B8261236D5484AE63721
PID: 924 ( 564) C:\Program Files\McAfee\MPF\MPFSrv.exe
size: 884360
MD5: 545B1165BCA3990A3F2579170C7F34D1
PID: 884 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1096 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1552 ( 564) C:\WINDOWS\system32\SearchIndexer.exe
size: 300032
MD5: 2EC497AA4B728D1B1A368ACF2E309E8B
PID: 2364 ( 564) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
size: 254040
MD5: F09461C8ECCACE33C271CC229F11E281
PID: 2392 ( 564) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
size: 352920
MD5: 23CA3E54474AE5FFDBC0F97B9E1815DB
PID: 2760 ( 564) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 5E9A6658A2A69AE7EB195113B7A2E7A9
PID: 3196 (1180) C:\Program Files\iTunes\iTunesHelper.exe
size: 290088
MD5: E6A4E341E4304B34AA280D3E73818C90
PID: 3228 (1180) C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: A2D390F1F2408B94EF34BFE3A00C29D3
PID: 3264 (1180) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: FC242DBD786557AC641726DC5C13F060
PID: 3300 (1180) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
PID: 3360 (1180) C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
size: 3885408
MD5: 35B9FA77B73358D9063CD61AA3D83EE8
PID: 3380 (1180) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 32768
MD5: 5588812731C64305F2579DD8215037E0
PID: 3396 (1180) C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
size: 3660848
MD5: 940F87D23CB745ECB025B13953FC9F61
PID: 3416 (1180) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
size: 499773
MD5: 5E02D2E0CD41F62A035B7A2BE46EB8C3
PID: 3472 (1180) C:\Program Files\STK014_V2.01\STK014M.exe
size: 151552
MD5: A866530D4CAAD63DE7E5F1F374360FB0
PID: 3496 (1180) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
size: 118784
MD5: 946467B375D696FA073A6B9370A4C6CE
PID: 3512 (1180) C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
size: 425984
MD5: 0D261C0C64A8681CBC253766A981444F
PID: 3560 (3536) C:\Program Files\OpenOffice.org 3\program\soffice.exe
size: 7424000
MD5: 76DAC52F7A6D3AD3C8307D012ACF46CE
PID: 3656 (3560) C:\Program Files\OpenOffice.org 3\program\soffice.bin
size: 7418368
MD5: EEBF2F715C02C8A6CE6DBE844DD1B4E3
PID: 3764 ( 564) C:\Program Files\iPod\bin\iPodService.exe
size: 536872
MD5: 62937A89470AF8FF172F0980CA8AEFC9
PID: 2844 (1180) C:\Program Files\Mozilla Firefox\firefox.exe
size: 307704
MD5: CA2AC84AA6C67F742D9785E553848927
PID: 2788 ( 364) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 3736 (1552) C:\WINDOWS\system32\SearchProtocolHost.exe
size: 182784
MD5: 4B0EA20D942AF11584D2D72A8419E3CB
PID: 2888 (1552) C:\WINDOWS\system32\SearchFilterHost.exe
size: 76800
MD5: 0B57A82B223AA3CFDD264D9DB8491D43
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 16/05/2009 10:59:42
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.bing.com/spresults.aspx
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
Absolute Patience (absolute patience)
uninstall cmd: C:\Program Files\Absolute Patience\uninstall.exe
Adobe Flash Player 10 Plugin 10.0.22.87 (Adobe Flash Player Plugin)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
publisher: Adobe Systems Incorporated
Adobe Shockwave Player 11 (adobe shockwave player)
version (major): 11
install location: C:\WINDOWS\system32\Adobe\
uninstall cmd: C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
publisher: Adobe Systems, Inc.
help link: https://helpx.adobe.com/shockwave.html
Adobe Photoshop CS3 10.0 (adobe_32e9033392a51340b32fdc6ad893ab7)
estimated size: 1112748
uninstall cmd: C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
publisher: Adobe Systems Incorporated
help link: https://helpx.adobe.com/support.html
help telephone: https://helpx.adobe.com/fr/contact.html
Adobe ExtendScript Toolkit 2 2.0.2 (adobe_3e054d2218e7aa282c2369d939e58ff)
estimated size: 16809
uninstall cmd: C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
publisher: Adobe Systems Incorporated
Adobe Color Common Settings 1.0.1 (adobe_6c8e2cb4fd241c55406016127a6ab2e)
estimated size: 9416
uninstall cmd: C:\Program Files\Fichiers communs\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
publisher: Adobe Systems Incorporated
Alice Auto-diagnostic (AliceSAV)
uninstall cmd: C:\Program Files\TechCity Solutions\AliceSAV\uninstall.exe
avast! Antivirus 4.8 (avast!)
version (major): 4
version (minor): 8
install location: C:\PROGRA~1\ALWILS~1\Avast4
install source: C:\DOCUME~1\CORALI~1\Bureau
uninstall cmd: C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
publisher: Alwil Software
help link: https://www.avast.com/fr-fr/index
Big Fish Games Client 1.2.5.17 (BFGC)
uninstall cmd: C:\Program Files\bfgclient\Uninstall.exe
(Branding)
CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"
publisher: Piriform
(cdex)
(Connection Manager)
dBpoweramp m4a Codec Release 7 (dbpoweramp m4a codec)
estimated size: 2129
install location: C:\Program Files\Illustrate\dBpoweramp
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
publisher: Illustrate
dBpoweramp Music Converter Release 13 (dbpoweramp music converter)
estimated size: 13606912
install location: C:\Program Files\Illustrate\dBpoweramp
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
publisher: Illustrate
dBpoweramp Windows Media Audio 10 Codec Release 5 (dbpoweramp windows media audio 10 codec)
estimated size: 580
install location: C:\Program Files\Illustrate\dBpoweramp
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
publisher: Illustrate
(directdrawex)
(dxm_runtime)
(expinst)
(fontcore)
FrostWire 4.17.2 4.17.2.0 (frostwire)
uninstall cmd: C:\Program Files\FrostWire\Uninstall.exe
publisher: FrostWire, LLC
help link: www.FrostWire.com
Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20071103
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
(ie40)
(ie4data)
(ie5bakex)
Windows Internet Explorer 7 20070813.185237 (ie7)
install date: 20071103
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/office/internet-explorer-help-23360e49-9cd3-4dda-ba52-705336cc0de2?ui=en-US&rs=en-001&ad=US
Windows Internet Explorer 8 20090308.140743 (ie8)
install date: 20090503
uninstall cmd: "C:\WINDOWS\ie8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/office/internet-explorer-help-23360e49-9cd3-4dda-ba52-705336cc0de2?ui=en-US&rs=en-001&ad=US
(iedata)
(IEREADME)
(InstallShield Uninstall Information)
VeohTV BETA 3.9.8 (installshield_{0405e51e-9582-4207-8f38-ac44201d3808})
version: 50921480
version (major): 3
version (minor): 9
estimated size: 13841
install date: 20081026
install location: C:\Program Files\Veoh Networks\Veoh\
install source: C:\WINDOWS\Downloaded Installations\{3FD9E85F-2F64-411A-B221-A3308BA9327A}\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
publisher: Veoh Networks, Inc.
DesignPro SE 5.0.1056 (installshield_{105e1a5b-a749-4825-a8a1-afd16615dc6c})
version: 83887136
version (major): 5
estimated siz
--- Search result list ---
QuadRegistryCleaner: [SBI $5B22DD52] Dossier Programme (Répertoire, nothing done)
C:\Program Files\QUAD Utilities\
QuadRegistryCleaner: [SBI $82FD1943] Dossier Programme (Répertoire, nothing done)
C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\
Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Réglages (Modification du Registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
Microsoft.WindowsSecurityCenter.SP2Update: [SBI $D7D77116] Réglages (Modification du Registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DoNotAllowXPSP2
MegaUploadToolbar: [SBI $DA7EBDE6] Barre d'outils IE (Valeur du Registre, nothing done)
HKEY_USERS\S-1-5-21-2162064257-3298542676-3932346683-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}
MegaUploadToolbar: [SBI $4E8B9398] Réglages (Clé du Registre, nothing done)
HKEY_USERS\S-1-5-21-2162064257-3298542676-3932346683-1006\Software\AppDataLow\Software\MegauploadToolbar
MegaUploadToolbar: [SBI $998A0E3C] Exécutable (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper.exe
Properties.size=1060808
Properties.md5=091C0EE9E6ECDB072C4D420A745F5F16
Properties.filedate=1217882648
Properties.filedatetext=2008-08-04 22:44:08
MegaUploadToolbar: [SBI $395CBDB1] Dossier Programme (Répertoire, nothing done)
C:\Documents and Settings\All Users\Application Data\Megaupload\
MegaUploadToolbar: [SBI $EB10C2BD] Exécutable (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe
Properties.size=853960
Properties.md5=65B1AB57C58A687D90E88155C625A36D
Properties.filedate=1217882648
Properties.filedatetext=2008-08-04 22:44:08
MegaUploadToolbar: [SBI $F664B537] Exécutable (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierAPI.dll
Properties.size=854984
Properties.md5=E695454B2A2D85ED43040E7F9FDDAC58
Properties.filedate=1217882648
Properties.filedatetext=2008-08-04 22:44:08
MegaUploadToolbar: [SBI $1E82DC0D] Donnée (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierEN.lng
Properties.size=3547
Properties.md5=EEA268AB7810EB0342E9A4A6E02F02CC
Properties.filedate=1208466096
Properties.filedatetext=2008-04-17 23:01:36
MegaUploadToolbar: [SBI $1E82DC0D] Donnée (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierFR.lng
Properties.size=3698
Properties.md5=9DACE4478568FD2863A3C974F8CC7831
Properties.filedate=1208466358
Properties.filedatetext=2008-04-17 23:05:58
MegaUploadToolbar: [SBI $2E6D42A0] Dossier Programme (Répertoire, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\
MegaUploadToolbar: [SBI $6E406E65] Donnée (Fichier, nothing done)
C:\Documents and Settings\coralie dethiere\Application Data\EmailNotifier\EmailNotifier.xml
Properties.size=570
Properties.md5=E944BB414B79C4653C59EE1F0FDF2086
Properties.filedate=1225018065
Properties.filedatetext=2008-10-26 12:47:45
MegaUploadToolbar: [SBI $E467634D] Donnée (Fichier, nothing done)
C:\Documents and Settings\coralie dethiere\Application Data\EmailNotifier\EmailNotifier.xml.bak
Properties.size=570
Properties.md5=E944BB414B79C4653C59EE1F0FDF2086
Properties.filedate=1225018065
Properties.filedatetext=2008-10-26 12:47:45
MegaUploadToolbar: [SBI $43765A7F] Dossier Programme (Répertoire, nothing done)
C:\Documents and Settings\coralie dethiere\Application Data\EmailNotifier\
BlueStreak: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
MediaPlex: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
MediaPlex: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
MediaPlex: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
DoubleClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Adviva: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
AdRevolver: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
AdRevolver: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
FastClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
FastClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Zedo: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Statcounter: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
AdRevolver: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
AdRevolver: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
BurstMedia: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
BurstMedia: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
BurstMedia: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
WebTrends live: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
FastClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
FastClick: Cookie traceur (Firefox: coralie dethiere (default)) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-05-16 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-03-25 Includes\Adware.sbi (*)
2009-05-12 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-03-31 Includes\Dialer.sbi (*)
2009-05-12 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-04-21 Includes\Hijackers.sbi (*)
2009-05-12 Includes\HijackersC.sbi (*)
2009-05-06 Includes\Keyloggers.sbi (*)
2009-05-12 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-05-12 Includes\Malware.sbi (*)
2009-05-13 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-05-12 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-05-12 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-04-07 Includes\Spyware.sbi (*)
2009-05-12 Includes\SpywareC.sbi (*)
2009-04-07 Includes\Tracks.uti
2009-05-12 Includes\Trojans.sbi (*)
2009-05-13 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
/ Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ windows media encoder: Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player: Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
/ Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
/ Windows Media Player 11: Correctif pour Lecteur Windows Media 11 (KB939683)
/ Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
/ Windows Media Player 11: Mise à jour critique pour Lecteur Windows Media 11 (KB959772)
/ Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
/ Windows Media Player 9: Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)
/ Windows XP: Mise à jour de sécurité pour Windows XP (KB923689)
/ Windows XP: Mise à jour de sécurité pour Windows XP (KB941569)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
/ Windows XP / SP0: Correctif pour Windows Internet Explorer 7 (KB947864)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)
/ Windows XP / SP0: Mise à jour pour Windows Internet Explorer 8 (KB968220)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Windows XP Service Pack 3
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB923561)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB938464)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB938464-v2)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB946648)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB950760)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB950762)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB950974)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951066)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB951072-v2)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951376)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951376-v2)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951698)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB951748)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB951978)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB952004)
/ Windows XP / sp4: Correctif pour Windows XP (KB952287)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB952954)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB953839)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB954211)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB954459)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB954600)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB955069)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB955839)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956391)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956572)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956802)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956803)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB956841)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB957095)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB957097)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB958644)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB958687)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB958690)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB959426)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB960225)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB960715)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB960803)
/ Windows XP / sp4: Mise à jour de sécurité pour Windows XP (KB961373)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB961503)
/ Windows XP / sp4: Mise à jour pour Windows XP (KB967715)
--- Startup entries list ---
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C
Located: HK_LM:Run, AppleSyncNotifier
command: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
file: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
size: 177472
MD5: 3C9C9DE765412F8CB483F115EE34B05D
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: FC242DBD786557AC641726DC5C13F060
Located: HK_LM:Run, BluetoothAuthenticationAgent
command: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
file: C:\WINDOWS\system32\bthprops.cpl
size: 110592
MD5: 2406501851B02B50A140690FFF45029E
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 290088
MD5: E6A4E341E4304B34AA280D3E73818C90
Located: HK_LM:Run, LXCGCATS
command: rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll
size: 73728
MD5: 6D9BFBE83F771B3121C66DE55B69DF8A
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 413696
MD5: 9C9B6807425CEF840C117654D8B033D1
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: A2D390F1F2408B94EF34BFE3A00C29D3
Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, msnmsgr
where: .DEFAULT...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3885408
MD5: 35B9FA77B73358D9063CD61AA3D83EE8
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run,
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, LDM
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 32768
MD5: 5588812731C64305F2579DD8215037E0
Located: HK_CU:Run, MsnMsgr
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command: "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
file: C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
size: 3885408
MD5: 35B9FA77B73358D9063CD61AA3D83EE8
Located: HK_CU:Run, Veoh
where: S-1-5-21-2162064257-3298542676-3932346683-1006...
command: "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
file: C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
size: 3660848
MD5: 940F87D23CB745ECB025B13953FC9F61
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-21-2162064257-3298542676-3932346683-500...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, MSMSGS
where: S-1-5-21-2162064257-3298542676-3932346683-500...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: E13EA4860E8F2AA845B53BFD2B6FEC5B
Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
Located: HK_CU:Run, msnmsgr
where: S-1-5-18...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3885408
MD5: 35B9FA77B73358D9063CD61AA3D83EE8
Located: Démarrage (tous utilisateurs), BTTray.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
file: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
size: 499773
MD5: 5E02D2E0CD41F62A035B7A2BE46EB8C3
Located: Démarrage (tous utilisateurs), Logitech Desktop Messenger.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
size: 450560
MD5: 9C964C7C72FD732B1A0EEC80421EDAED
Located: Démarrage (tous utilisateurs), STK014 PNP Monitor.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\STK014_V2.01\STK014M.exe
file: C:\Program Files\STK014_V2.01\STK014M.exe
size: 151552
MD5: A866530D4CAAD63DE7E5F1F374360FB0
Located: Démarrage (tous utilisateurs), Windows Desktop Search.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Windows Desktop Search\WindowsSearch.exe
file: C:\Program Files\Windows Desktop Search\WindowsSearch.exe
size: 118784
MD5: 946467B375D696FA073A6B9370A4C6CE
Located: Démarrage (tous utilisateurs), Wireless 802.11g USB Adapter.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
file: C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
size: 425984
MD5: 0D261C0C64A8681CBC253766A981444F
Located: Démarrage (utilisateur), OpenOffice.org 3.0.lnk
where: C:\Documents and Settings\coralie dethiere\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\OpenOffice.org 3\program\quickstart.exe
file: C:\Program Files\OpenOffice.org 3\program\quickstart.exe
size: 384000
MD5: 9C8D9866C818AC54B71BE86B3193A1A3
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (scriptproxy)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: scriptproxy
CLSID name: scriptproxy
Path: c:\PROGRA~1\mcafee\VIRUSS~1\
Long name: scriptsn.dll
Short name:
Date (created): 21/03/2008 15:53:28
Date (last access): 16/05/2009 10:01:20
Date (last write): 09/01/2009 13:03:06
Filesize: 58688
Attributes: archive
MD5: D6083DE49452EAC68E9EA8364EC3AC4E
CRC32: 4CEF60B8
Version: 14.0.0.405
{9030d464-4c02-4abf-8ecc-5164760863c6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 22/01/2009 16:41:30
Date (last access): 16/05/2009 10:09:42
Date (last write): 22/01/2009 16:41:30
Filesize: 408448
Attributes: archive
MD5: B7899C3E21B299D7A3C0DA96CAE340BD
CRC32: 288935F8
Version: 5.0.818.5
{af69de43-7d58-4638-b6fa-ce66b5ad205d} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\
Long name: swg.dll
Short name:
Date (created): 24/02/2009 21:51:16
Date (last access): 16/05/2009 10:09:44
Date (last write): 24/02/2009 21:51:16
Filesize: 657904
Attributes: archive
MD5: 2C7C2CE12A0A07A36EDCBAAE469DC867
CRC32: 8A58975B
Version: 5.0.926.3450
{c84d72fe-e17d-4195-bb24-76c02e2e7c4e} (Google Dictionary Compression sdch)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Google Dictionary Compression sdch
CLSID name: Google Dictionary Compression sdch
Path: C:\Program Files\Google\Google Toolbar\Component\
Long name: fastsearch_219B3E1547538286.dll
Short name: FASTSE~1.DLL
Date (created): 24/02/2009 21:06:26
Date (last access): 16/05/2009 10:51:54
Date (last write): 24/02/2009 21:06:26
Filesize: 522224
Attributes: archive
MD5: E27153F524C86807079F62550094B073
CRC32: E181FF40
Version: 1.0.610.10250
{dbc80044-a445-435b-bc74-9c25c1c588a9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 14/01/2009 20:58:28
Date (last access): 16/05/2009 10:46:04
Date (last write): 09/03/2009 05:18:50
Filesize: 35840
Attributes: archive
MD5: 96A225C7F5346A9E81FC3DFA89A900C0
CRC32: BAD5D2EF
Version: 6.0.130.3
{e7e6f031-17ce-4c07-bc86-eabfe594f69c} (JQSIEStartDetectorImpl)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: JQSIEStartDetectorImpl
CLSID name: JQSIEStartDetectorImpl Class
Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
Long name: jqs_plugin.dll
Short name: JQS_PL~1.DLL
Date (created): 14/01/2009 20:58:32
Date (last access): 16/05/2009 10:40:48
Date (last write): 09/03/2009 05:18:52
Filesize: 73728
Attributes: archive
MD5: 53F8B53918C839F76367B7E612B742B1
CRC32: 735F7F91
Version: 6.0.130.3
--- ActiveX list ---
{20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class)
DPF name:
CLSID name: Checkers Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: msgrchkr.dll
Short name:
Date (created): 28/02/2007 14:21:04
Date (last access): 16/05/2009 10:40:40
Date (last write): 28/02/2007 14:21:04
Filesize: 131472
Attributes: archive
MD5: 1E5CFDF9AEBDD84305A4C8154277A269
CRC32: 73C871D0
Version: 9.5.7087.1
{5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class)
DPF name:
CLSID name: Solitaire Showdown Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: SolitaireShowdown.dll
Short name: SOLITA~1.DLL
Date (created): 28/02/2007 14:21:04
Date (last access): 16/05/2009 10:58:16
Date (last write): 28/02/2007 14:21:04
Filesize: 142248
Attributes: archive
MD5: 93F7304161C8CB7C335F99D9232BD347
CRC32: 91D38231
Version: 9.5.6986.1
{5d6f45b3-9043-443d-a792-115447494d24} (UnoCtrl Class)
DPF name:
CLSID name: UnoCtrl Class
Installer: C:\WINDOWS\Downloaded Program Files\GAME_UNO1.INF
Codebase: http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
description:
classification: Legitimate
known filename: unomsnger.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: GAME_UNO1.dll
Short name: GAME_U~1.DLL
Date (created): 28/09/2007 05:41:28
Date (last access): 16/05/2009 10:58:16
Date (last write): 28/09/2007 05:41:28
Filesize: 381960
Attributes: archive
MD5: 80F4A456633F78A26A3C6B16E64EFEC5
CRC32: 7DFC41A5
Version: 1.0.1201.1
{67dabfbf-d0ab-41fa-9c46-cc0f21721616} (DivXBrowserPlugin Object)
DPF name:
CLSID name: DivXBrowserPlugin Object
Installer: C:\WINDOWS\Downloaded Program Files\DivXPlugin.inf
Codebase: http://download.divx.com/player/DivXBrowserPlugin.cab
description:
classification: Legitimate
known filename: npdivx32.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\DivX\DivX Web Player\
Long name: npdivx32.dll
Short name:
Date (created): 21/11/2008 23:45:04
Date (last access): 16/05/2009 10:58:16
Date (last write): 21/11/2008 23:45:04
Filesize: 1332224
Attributes: archive
MD5: D19163C4794227D953AF0F136A59DE85
CRC32: 63D55368
Version: 1.4.2.7
{8ad9c840-044e-11d1-b3e9-00805f499d93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_13
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_13.dll
Short name: NPJPI1~1.DLL
Date (created): 09/03/2009 02:53:24
Date (last access): 16/05/2009 10:58:18
Date (last write): 09/03/2009 05:19:10
Filesize: 136600
Attributes: archive
MD5: 20188EB1790C5EB9057DDFE3EA138FC7
CRC32: 2EA1ACCF
Version: 6.0.130.3
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
description:
classification: Legitimate
known filename: MessengerStatsPAClient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~1.DLL
Date (created): 22/02/2007 23:41:12
Date (last access): 16/05/2009 10:58:18
Date (last write): 22/02/2007 23:41:12
Filesize: 304544
Attributes: archive
MD5: 8945CCA5FC4F25168E8B6F401EFAF51F
CRC32: 0F12FD23
Version: 9.5.6907.1
{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_05.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi160.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi160_01.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi160_02.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{cafeefac-0016-0000-0004-abcdeffedcba} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_04
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_04\bin\
Long name: npjpi160_04.dll
Short name: NPJPI1~1.DLL
Date (created): 14/12/2007 01:59:16
Date (last access): 16/05/2009 10:58:18
Date (last write): 14/12/2007 03:42:38
Filesize: 132496
Attributes: archive
MD5: 58A1C3B13CC79E76F66CA6F8FED3B36A
CRC32: A4EACB48
Version: 6.0.40.12
{cafeefac-0016-0000-0007-abcdeffedcba} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10/06/2008 02:32:34
Date (last access): 16/05/2009 10:58:18
Date (last write): 10/06/2008 04:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{cafeefac-0016-0000-0013-abcdeffedcba} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_13
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_13.dll
Short name: NPJPI1~1.DLL
Date (created): 09/03/2009 02:53:24
Date (last access): 16/05/2009 10:58:18
Date (last write): 09/03/2009 05:19:10
Filesize: 136600
Attributes: archive
MD5: 20188EB1790C5EB9057DDFE3EA138FC7
CRC32: 2EA1ACCF
Version: 6.0.130.3
{cafeefac-ffff-ffff-ffff-abcdeffedcba} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_13
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_13.dll
Short name: NPJPI1~1.DLL
Date (created): 09/03/2009 02:53:24
Date (last access): 16/05/2009 10:58:18
Date (last write): 09/03/2009 05:19:10
Filesize: 136600
Attributes: archive
MD5: 20188EB1790C5EB9057DDFE3EA138FC7
CRC32: 2EA1ACCF
Version: 6.0.130.3
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash10a.ocx
Short name:
Date (created): 05/10/2008 05:16:26
Date (last access): 16/05/2009 10:58:18
Date (last write): 05/10/2008 05:16:26
Filesize: 3789728
Attributes: archive
MD5: 466C1355934925768822E380DA6E6E4A
CRC32: 48EC1E52
Version: 10.0.12.36
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class)
DPF name:
CLSID name: Minesweeper Flags Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
description:
classification: Legitimate
known filename: MineSweeper.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MineSweeper.dll
Short name: MINESW~1.DLL
Date (created): 28/02/2007 14:21:04
Date (last access): 16/05/2009 10:58:18
Date (last write): 28/02/2007 14:21:04
Filesize: 130472
Attributes: archive
MD5: E661E91B5929632665683222D509D271
CRC32: 63A9B975
Version: 9.5.6986.1
--- Process list ---
PID: 0 ( 0) [System]
PID: 448 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 496 ( 448) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 520 ( 448) \??\C:\WINDOWS\system32\winlogon.exe
size: 512000
PID: 564 ( 520) C:\WINDOWS\system32\services.exe
size: 111104
MD5: C3FB1D70CB88722267949694BA51759E
PID: 576 ( 520) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB
PID: 728 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 784 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 852 ( 564) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 980 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1124 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1180 (1160) C:\WINDOWS\Explorer.EXE
size: 1037824
MD5: F2317622D29F9FF0F88AEECD5F60F0DD
PID: 1280 ( 564) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
size: 18752
MD5: B4253776EE034F6770FCEE32C28490B0
PID: 1336 ( 564) C:\Program Files\Alwil Software\Avast4\ashServ.exe
size: 138680
MD5: 62889D40A3FB1A9012428E16FE0DC67A
PID: 1580 ( 564) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: 460E4CE148BD07218DA0B6A3D31885A9
PID: 1636 ( 564) c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
size: 81920
MD5: 493B1D854F98D611CCA249014C6E631A
PID: 1916 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1948 ( 564) C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
size: 438272
MD5: 20BC7169B76BFD41CA21B3B82D501922
PID: 1964 ( 564) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 132424
MD5: A8AA9D47F971570A5162B862B80F87E8
PID: 2008 ( 564) C:\Program Files\Bonjour\mDNSResponder.exe
size: 238888
MD5: 3F56903E124E820AEECE6D471583C6C1
PID: 2024 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 168 ( 564) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
size: 135168
MD5: 09EAE9824FBBB881E7B4D9F5CAFD24F0
PID: 228 ( 564) C:\Program Files\Java\jre6\bin\jqs.exe
size: 152984
MD5: 890369AED0DDE1A98F09F7DC239CA2BD
PID: 344 ( 564) c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
size: 359952
MD5: 5A8D1ACD2070B8261236D5484AE63721
PID: 924 ( 564) C:\Program Files\McAfee\MPF\MPFSrv.exe
size: 884360
MD5: 545B1165BCA3990A3F2579170C7F34D1
PID: 884 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1096 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: E4BDF223CD75478BF44567B4D5C2634D
PID: 1552 ( 564) C:\WINDOWS\system32\SearchIndexer.exe
size: 300032
MD5: 2EC497AA4B728D1B1A368ACF2E309E8B
PID: 2364 ( 564) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
size: 254040
MD5: F09461C8ECCACE33C271CC229F11E281
PID: 2392 ( 564) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
size: 352920
MD5: 23CA3E54474AE5FFDBC0F97B9E1815DB
PID: 2760 ( 564) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 5E9A6658A2A69AE7EB195113B7A2E7A9
PID: 3196 (1180) C:\Program Files\iTunes\iTunesHelper.exe
size: 290088
MD5: E6A4E341E4304B34AA280D3E73818C90
PID: 3228 (1180) C:\Program Files\Java\jre6\bin\jusched.exe
size: 148888
MD5: A2D390F1F2408B94EF34BFE3A00C29D3
PID: 3264 (1180) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: FC242DBD786557AC641726DC5C13F060
PID: 3300 (1180) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4
PID: 3360 (1180) C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
size: 3885408
MD5: 35B9FA77B73358D9063CD61AA3D83EE8
PID: 3380 (1180) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 32768
MD5: 5588812731C64305F2579DD8215037E0
PID: 3396 (1180) C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
size: 3660848
MD5: 940F87D23CB745ECB025B13953FC9F61
PID: 3416 (1180) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
size: 499773
MD5: 5E02D2E0CD41F62A035B7A2BE46EB8C3
PID: 3472 (1180) C:\Program Files\STK014_V2.01\STK014M.exe
size: 151552
MD5: A866530D4CAAD63DE7E5F1F374360FB0
PID: 3496 (1180) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
size: 118784
MD5: 946467B375D696FA073A6B9370A4C6CE
PID: 3512 (1180) C:\Program Files\Wireless 802.11g USB Adapter\ZDWlan.exe
size: 425984
MD5: 0D261C0C64A8681CBC253766A981444F
PID: 3560 (3536) C:\Program Files\OpenOffice.org 3\program\soffice.exe
size: 7424000
MD5: 76DAC52F7A6D3AD3C8307D012ACF46CE
PID: 3656 (3560) C:\Program Files\OpenOffice.org 3\program\soffice.bin
size: 7418368
MD5: EEBF2F715C02C8A6CE6DBE844DD1B4E3
PID: 3764 ( 564) C:\Program Files\iPod\bin\iPodService.exe
size: 536872
MD5: 62937A89470AF8FF172F0980CA8AEFC9
PID: 2844 (1180) C:\Program Files\Mozilla Firefox\firefox.exe
size: 307704
MD5: CA2AC84AA6C67F742D9785E553848927
PID: 2788 ( 364) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 3736 (1552) C:\WINDOWS\system32\SearchProtocolHost.exe
size: 182784
MD5: 4B0EA20D942AF11584D2D72A8419E3CB
PID: 2888 (1552) C:\WINDOWS\system32\SearchFilterHost.exe
size: 76800
MD5: 0B57A82B223AA3CFDD264D9DB8491D43
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 16/05/2009 10:59:42
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.bing.com/spresults.aspx
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
Absolute Patience (absolute patience)
uninstall cmd: C:\Program Files\Absolute Patience\uninstall.exe
Adobe Flash Player 10 Plugin 10.0.22.87 (Adobe Flash Player Plugin)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
publisher: Adobe Systems Incorporated
Adobe Shockwave Player 11 (adobe shockwave player)
version (major): 11
install location: C:\WINDOWS\system32\Adobe\
uninstall cmd: C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
publisher: Adobe Systems, Inc.
help link: https://helpx.adobe.com/shockwave.html
Adobe Photoshop CS3 10.0 (adobe_32e9033392a51340b32fdc6ad893ab7)
estimated size: 1112748
uninstall cmd: C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
publisher: Adobe Systems Incorporated
help link: https://helpx.adobe.com/support.html
help telephone: https://helpx.adobe.com/fr/contact.html
Adobe ExtendScript Toolkit 2 2.0.2 (adobe_3e054d2218e7aa282c2369d939e58ff)
estimated size: 16809
uninstall cmd: C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
publisher: Adobe Systems Incorporated
Adobe Color Common Settings 1.0.1 (adobe_6c8e2cb4fd241c55406016127a6ab2e)
estimated size: 9416
uninstall cmd: C:\Program Files\Fichiers communs\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
publisher: Adobe Systems Incorporated
Alice Auto-diagnostic (AliceSAV)
uninstall cmd: C:\Program Files\TechCity Solutions\AliceSAV\uninstall.exe
avast! Antivirus 4.8 (avast!)
version (major): 4
version (minor): 8
install location: C:\PROGRA~1\ALWILS~1\Avast4
install source: C:\DOCUME~1\CORALI~1\Bureau
uninstall cmd: C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
publisher: Alwil Software
help link: https://www.avast.com/fr-fr/index
Big Fish Games Client 1.2.5.17 (BFGC)
uninstall cmd: C:\Program Files\bfgclient\Uninstall.exe
(Branding)
CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"
publisher: Piriform
(cdex)
(Connection Manager)
dBpoweramp m4a Codec Release 7 (dbpoweramp m4a codec)
estimated size: 2129
install location: C:\Program Files\Illustrate\dBpoweramp
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
publisher: Illustrate
dBpoweramp Music Converter Release 13 (dbpoweramp music converter)
estimated size: 13606912
install location: C:\Program Files\Illustrate\dBpoweramp
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
publisher: Illustrate
dBpoweramp Windows Media Audio 10 Codec Release 5 (dbpoweramp windows media audio 10 codec)
estimated size: 580
install location: C:\Program Files\Illustrate\dBpoweramp
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
publisher: Illustrate
(directdrawex)
(dxm_runtime)
(expinst)
(fontcore)
FrostWire 4.17.2 4.17.2.0 (frostwire)
uninstall cmd: C:\Program Files\FrostWire\Uninstall.exe
publisher: FrostWire, LLC
help link: www.FrostWire.com
Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20071103
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
(ie40)
(ie4data)
(ie5bakex)
Windows Internet Explorer 7 20070813.185237 (ie7)
install date: 20071103
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/office/internet-explorer-help-23360e49-9cd3-4dda-ba52-705336cc0de2?ui=en-US&rs=en-001&ad=US
Windows Internet Explorer 8 20090308.140743 (ie8)
install date: 20090503
uninstall cmd: "C:\WINDOWS\ie8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/office/internet-explorer-help-23360e49-9cd3-4dda-ba52-705336cc0de2?ui=en-US&rs=en-001&ad=US
(iedata)
(IEREADME)
(InstallShield Uninstall Information)
VeohTV BETA 3.9.8 (installshield_{0405e51e-9582-4207-8f38-ac44201d3808})
version: 50921480
version (major): 3
version (minor): 9
estimated size: 13841
install date: 20081026
install location: C:\Program Files\Veoh Networks\Veoh\
install source: C:\WINDOWS\Downloaded Installations\{3FD9E85F-2F64-411A-B221-A3308BA9327A}\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
publisher: Veoh Networks, Inc.
DesignPro SE 5.0.1056 (installshield_{105e1a5b-a749-4825-a8a1-afd16615dc6c})
version: 83887136
version (major): 5
estimated siz