Chev de troie et plein de beug !pe pa enlevé!

Résolu

Utilisateur anonyme -
fix200 Messages postés 3365 Statut Contributeur sécurité - 3 févr. 2010 à 11:43

salut a vous les internautes
j'ai choper un p _ _ _ _ n de cheval de Troie et j'ai avg internet security payant de surcroit ^^ !
et il n'arrive pas à m'en débarrasser
je sais que je peux compter sur vous alors j'ai commencé par faire un hidjackdhis
Je connais la manip
je vous colle mon log
si quelqu'un peu m'aider ce serais super sympa car la ça beug grave j'"ai outlook express qui n'a plus son icône normal et j'ai WMPlayer qu'a disparu obligé de réinstaller la dernière version croyant que le virus était rester en quarantaine mais il n'est plus là et je ne veux pas formater je suis en dual boot en plus alors pitié
un peu d'aide serais bien venus
Voici le log hidjackdhis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:58, on 01/02/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVG\AVG9\avgchsvx.exe
D:\Program Files\AVG\AVG9\avgrsx.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Registry Mechanic\RegMech.exe
D:\PROGRA~1\AVG\AVG9\avgtray.exe
D:\Program Files\AVG\AVG9\avgwdsvc.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\cisvc.exe
D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\AVG\AVG9\avgam.exe
D:\Program Files\AVG\AVG9\avgnsx.exe
D:\WINDOWS\System32\snmp.exe
D:\Program Files\AVG\AVG9\avgemc.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\system32\cidaemon.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Documents and Settings\forminux1\Bureau\HiJackThis.exe
D:\Program Files\OpenOffice.org 3\program\swriter.exe
D:\Program Files\OpenOffice.org 3\program\soffice.exe
D:\Program Files\OpenOffice.org 3\program\soffice.bin

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RegistryMechanic] D:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKLM\..\Run: [Easy-PrintToolBox] D:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [UpdateManager] "D:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG9_TRAY] D:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [SessMgr] D:\WINDOWS\System\sessmgr.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [SessMgr] D:\WINDOWS\System\sessmgr.exe /waitservice (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://ma-config.com/plugins/MaConfig_4_0_1_3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: offline-8876480 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avgrsstarter - D:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Program Files\ma-config.com\maconfservice.exe

Afficher la suite

A voir également:

Chev de troie et plein de beug !pe pa enlevé!
Hiren's bootcd pe - Télécharger - Divers Utilitaires
Meyclub levallois pe - Forum Vos droits sur internet
Iptv beug ✓ - Forum Applis & Sites
Bart pe - Télécharger - Personnalisation
Enlever mot de passe windows 10 - Guide

41 réponses

Réponse 21 / 41

fix200 Messages postés 3365 Statut Contributeur sécurité 158

Très bien :)

mets à jour puis repasse mbam (scan rapide) et colle le rapport.

Fais moi un scan avec ton antivirus (mets le à jour avant) et colle le rapport.

Refais un scan ZHPDiag, coche bien toutes les options (sauf la 045 et 061), poste le nouveau rapport obtenu (via Cijoint).

Réponse 22 / 41

Utilisateur anonyme

Ok ça marche!
merci fix200

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 23 / 41

Utilisateur anonyme

re
analyse zhpdiaG le voilà désolé je m'ètait gourré
analyse mbam:
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3678
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

02/02/2010 16:30:10
mbam-log-2010-02-02 (16-30-10).txt

Type de recherche: Examen rapide
Eléments examinés: 104144
Temps écoulé: 4 minute(s), 20 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
______________________________________

analyse AVG
"L'Analyse ""Analyse zones sélectionnées"" est terminée."
"Avertissements";"52";"52";"0"
"Dossiers sélectionnés pour l'analyse :";"D:\;"
"Analyse démarrée :";"mardi 2 février 2010, 16:35:44"
"Analyse terminée :";"mardi 2 février 2010, 16:49:42 (13 minute(s) 58 seconde(s))"
"Total des objets analysés :";"107827"
"Utilisateur ayant exécuté l'analyse :";"forminux1"

"Avertissements"
"Fichier";"Infection";"Résultat"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite";"Détection de : Tracking cookie.Atdmt ";"Réparé"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\ad.yieldmanager.com.539b0606";"Détection de : Tracking cookie.Yieldmanager ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\ad.yieldmanager.com.557bf2b0";"Détection de : Tracking cookie.Yieldmanager ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\ad.yieldmanager.com.830b6f08";"Détection de : Tracking cookie.Yieldmanager ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\ad.yieldmanager.com.8a47878";"Détection de : Tracking cookie.Yieldmanager ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\ad.yieldmanager.com.b68f2b7b";"Détection de : Tracking cookie.Yieldmanager ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\ad.yieldmanager.com.c982816c";"Détection de : Tracking cookie.Yieldmanager ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\ad.yieldmanager.com.ff92306";"Détection de : Tracking cookie.Yieldmanager ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\advertising.com.1820df7a";"Détection de : Tracking cookie.Advertising ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\advertising.com.203aa218";"Détection de : Tracking cookie.Advertising ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\advertising.com.b624fa46";"Détection de : Tracking cookie.Advertising ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\advertising.com.f62113d5";"Détection de : Tracking cookie.Advertising ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\adviva.net.39ec90c";"Détection de : Tracking cookie.Adviva ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\atdmt.com.7247c262";"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\atdmt.com.74c5668";"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\atdmt.com.9e6d7fd3";"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\atdmt.com.b3e33b5f";"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\bluestreak.com.bf396750";"Détection de : Tracking cookie.Bluestreak ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\bs.serving-sys.com.5bf1f00f";"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\doubleclick.net.bf396750";"Détection de : Tracking cookie.Doubleclick ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\estat.com.efda7a5a";"Détection de : Tracking cookie.Estat ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\m.webtrends.com.b4ca7df0";"Détection de : Tracking cookie.Webtrends ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\msnportal.112.2o7.net.7225be6f";"Détection de : Tracking cookie.2o7 ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\revsci.net.2df99d79";"Détection de : Tracking cookie.Revsci ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\revsci.net.44927ec";"Détection de : Tracking cookie.Revsci ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\serving-sys.com.255d6f2f";"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\serving-sys.com.400f83f";"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\serving-sys.com.4b416ef8";"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\serving-sys.com.606c3d3b";"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\serving-sys.com.6a1cf9e8";"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\serving-sys.com.c9034af6";"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\smartadserver.com.321a5cf8";"Détection de : Tracking cookie.Smartadserver ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\smartadserver.com.3e749ab9";"Détection de : Tracking cookie.Smartadserver ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\smartadserver.com.5550c4ed";"Détection de : Tracking cookie.Smartadserver ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\smartadserver.com.bf8b766";"Détection de : Tracking cookie.Smartadserver ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\smartadserver.com.c5827141";"Détection de : Tracking cookie.Smartadserver ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\tradedoubler.com.adc507fa";"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\tradedoubler.com.ba12c0e9";"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\tradedoubler.com.eab0972e";"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\tradedoubler.com.ef90aa95";"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\tradedoubler.com.f4648305";"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\tribalfusion.com.dcc03271";"Détection de : Tracking cookie.Tribalfusion ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\weborama.fr.30104bcb";"Détection de : Tracking cookie.Weborama ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\weborama.fr.5f498b98";"Détection de : Tracking cookie.Weborama ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Application Data\Mozilla\Firefox\Profiles\5znbml50.default\cookies.sqlite:\weborama.fr.f636611";"Détection de : Tracking cookie.Weborama ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Cookies\forminux1@atdmt[2].txt";"Détection de : Tracking cookie.Atdmt ";"Réparé"
"D:\Documents and Settings\forminux1\Cookies\forminux1@atdmt[2].txt:\atdmt.com.7247c262";"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Cookies\forminux1@atdmt[2].txt:\atdmt.com.74c5668";"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Cookies\forminux1@atdmt[2].txt:\atdmt.com.9e6d7fd3";"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Cookies\forminux1@atdmt[2].txt:\atdmt.com.b3e33b5f";"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
"D:\Documents and Settings\forminux1\Cookies\forminux1@msnportal.112.2o7[1].txt";"Détection de : Tracking cookie.2o7 ";"Réparé"
"D:\Documents and Settings\forminux1\Cookies\forminux1@msnportal.112.2o7[1].txt:\msnportal.112.2o7.net.7225be6f";"Détection de : Tracking cookie.2o7 ";"Placé en quarantaine"
"D:\"forminux1"\fin de l'analyse.

Voilà fix200 qu'est-ce que t'en pense pour l'instant , tu crois que tu l'a éradiquer ce cheval de troie si oui merci infiniment
j'attend ta réponse
amicalement

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 24 / 41

Utilisateur anonyme

c'est bon j'ai rectifier mon erreur désolé

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 41

Utilisateur anonyme

re
je vois que tu n'est plus là , j'éteint mon pc je le ralumerais dans 1 h ou 2
on en était rendu la j'pense quant même que tu la eu ;-))
j'ai regarder les logs ça ma l'air pas mal mais je prèfaire attendre ton avis avant de pouvoir retravailler dessus !
a+ fix200
encore mille merci
amicalement.....

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 26 / 41

fix200 Messages postés 3365 Statut Contributeur sécurité 158

Re,

1- Supprime ceci :
D:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe

2- Démarrer => exécuter

Tape : Combofix /uninstall

Valide par OK

ComboFix va redémarrer puis se supprimer

3- Supprime le logiciel Desktop Messenger (spyware)

_____________________________________________________

1: Pour supprimer les outils spécifiques utilisés lors la désinfection :

Télécharge ToolsCleaner2 (de A.Rothstein) sur ton Bureau

▶ Sous XP : Double-clique sur ToolsCleaner2.exe
▶ Sous Vista : Fais un clic droit sur ToolsCleaner2.exe et sélectionne "Exécuter en tant qu'administrateur"
▶ Clique sur Recherche et laisse le scan se terminer.
▶ Clique sur Suppression pour finaliser.
▶ Tu peux, si tu le souhaites, te servir des Options facultatives.
▶ Clique sur Quitter (et pas sur la croix rouge!) , pour que le rapport puisse se créer.
▶ Le rapport (TCleaner.txt) se trouve à la racine de votre disque dur (C:\), colle le dans ta réponse.

______________________________________________________

2: Nettoyage des fichiers temporaires :

Télécharge ATF Cleaner par Atribune

Sous XP : Double-clique ATF-Cleaner.exe afin de lancer le programme.
Sous Vista : Fais un clic droit sur ATF-Cleaner.exe et choisis " Exécuter en tant qu'admin..."
▶ Dans l'onglet Main, coche simplement la case Select All (toutes les cases vont se cocher) puis sur le bouton Empty Selected.
▶ Si tu possèdes : Firefox ou Opera comme navigateur, pense à choisir ton navigateur en haut a gauche avant de sélectionner Select All puis Empty Selected.
▶ Puis réponds Non au message qui s'affiche, si tu ne souhaites pas perdre tes mots de passes .

Aide : Comment utiliser ATF-Cleaner.

Télécharge CCleaner sur ton bureau

▶ Installe le programme.
▶ Lance CCleaner puis Clique sur "Options" → "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".
▶ Dans le menu " Nettoyeur " → "Analyse" .
▶ Ensuite clique sur le bouton "Lancer le nettoyage" et laisse le faire.
▶ Maintenant dans l'onglet "Registre" → "Chercher des erreurs .
▶ Réponds a Oui a la question qui te sera posée.
▶ Enfin , répare les erreurs en cliquant sur " Réparer les erreurs sélectionnés "
.

* Note : Refais trois fois , une réparation du registre pour que cela soit efficace !

Aide : Comment utiliser CCleaner ?

______________________________________________________

3 : Purge de la restauration du système :

⇒ Sous XP :

* Désactivation :

▶ Clic droit sur le Poste de travail → Propriétés → Onglet "Restauration du système" → coche la case "Désactiver la Restauration du système sur tous les lecteurs" → Appliquer.
▶ Patiente jusqu'à que cela soit marqué "désactivée" puis OK.
⇒ Redémarre le PC.

* Activation :

▶ Suis le même chemin ; décoche la case "Désactiver la Restauration du système sur tous les lecteurs" > Appliquer.
▶ Attends que cela soit a nouveau sur "Surveillance" puis OK.
⇒ Redémarre le PC.

⇒ Sous Vista :

* Désactivation:

▶ Clique droit sur " Ordinateur " → Propriétés → Paramètres système avancés → onglet Protection du Système.
▶ Décoche (une par une) tes partitions, un message de confirmation va apparaître, clique sur " Désactiver la protection du système " → Appliquer → OK.

⇒ Redémarre ton PC.

* Activation :

▶ Suis le même chemin , décoche " Désactiver la protection du système " → Appliquer → OK.
⇒ Redémarre ton PC.

______________________________________________________

4: Création d'un point de restauration sain :

⇒ Sous XP

⇒ Sous Vista

______________________________________________________

5: Ménage & Optimisation :

* Nettoyage de disque:

▶ Clic droit sur "Poste de travail" → "Ouvrir" > Clic droit sur le disque C → Propriétés → Onglet "Général"
▶ Clique sur le bouton "Nettoyage de disque" → OK
▶ Fais la même chose pour chacun de tes disques

* Défragmentation:

● Menu "Démarrer" → "Tous les programmes" → Accessoires → Outils système → "Défragumenteur de disque"
▶ Clique sur Analyser, s'il te demande de défragmenter , tu Défragmentes.
› › Fais le même chose pour chacun de tes disques.

Note : si tu as un utilitaire pour défragmenter , utilise le à la place

* Vérifications des erreurs :

▶ Clic droit sur "Poste de travail" / "Ordinateur" → "ouvrir" → clic droit sur le disque C → Propriétés → Onglet "Outil" → "Vérifier maintenant", une boîte s'ouvre, coche les cases :

- Réparer automatiquement les erreurs...
- Rechercher et tenter une récupération...

⇒ Démarrer, OK

Note : s'il te dis de redémarrer ton PC pour le faire , tu redémarres et tu laisses faire, cela prend un peu de temps c'est normal

______________________________________________________

6: Remise en place des paramètres système par défaut :

▶ Démarrer → Panneau de configuration → Options des dossiers → onglet 'Affichage'
- [Décoche] Afficher les fichiers et dossiers cachés
- [Coche] Masquer les fichiers protégés du système d'exploitation (recommandé)
- Clique sur Appliquer, puis OK.

▶ Tu peux maintenant à réactiver toutes tes protections résidentes (Antivirus, Antispyware, Firewall).

▶ Si tu as Vista : Tu peux réactiver l'UAC :

- Menu Démarrer > Panneaux de configuration .
- Clique sur l'icône " Comptes d'utilisateurs " puis sur " Activer ou désactiver le contrôle des comptes d'utilisateurs " .
- Coche la case : " Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur "
- Valide par OK , il sera demandé de redemarrer le PC , fais le ! .

▶ Tu peux vider la quarantaine de ton antivirus , ton anti-spyware , et celle de MalwareBytes' .

7: Maintenir son système a jour contre les failles de sécurité :

⇒ Windows :

• Installe ces quelque mises a jours critiques :

Windows XP SP3

• Rends toi ICI (avec internet explorer !)

! Ferme tes applications en cours (seulement le navigateur) !
• Installe TOUTES les mises a jours critiques (M.A.J's de sécurité, framwork etc...)

• Laisse toi guider ...

⇒ Java :

• Désinstalle tes versions de Java et installe la nouvelle version :

• Télécharge JavaRa.zip

• Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)

• Double-clique sur le répertoire JavaRa obtenu.

• Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)

• Clique sur " Search For Updates ".

• Sélectionne " Update Using jucheck.exe " puis clique sur Search.

• Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.

• Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur " Remove Older Versions ".

• Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.

• Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.

Note : le rapport se trouve aussi là : ( C:\JavaRa.log )

**Aide** : Comment Utiliser JavaRa ?

⇒ Autres Mises a jours a effectuer :

• Tu peux aussi mettre a jour tes logiciels grâce a Update Checker

• Tutoriel

~~> Je t'invite a lire ça: Le danger des failles de sécurité

______________________________________________________

Télécharge TrendMicro™ HijackThis™ sur ton bureau.

▶ Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

▶ Clique sur Install ensuite sur I Accept

▶ Lance un scan en cliquant sur " do a system scan and save a logfile " .

▶ Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note

▶ Copie-colle son contenu A ta prochaine réponse.

⇒ Aide :
› Démonstration animée (Merci baltrap34)
› Tutoriel HijackThis

Réponse 27 / 41

Utilisateur anonyme

ok
je note tout ça et je mis met
merci fix200
a plustard!
amicalement....

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 28 / 41

fix200 Messages postés 3365 Statut Contributeur sécurité 158

Ok

:)

Réponse 29 / 41

Utilisateur anonyme

re
ça commence mal et j'ai avg qui c'est mis en route et ma refait un log
"L'Analyse ""Nouvelle tâche programmée"" est terminée."
"Infections";"1";"1";"0"
"Dossiers sélectionnés pour l'analyse :";"Analyse complète"
"Analyse démarrée :";"lundi 1 février 2010, 15:28:03"
"Analyse terminée :";"lundi 1 février 2010, 15:28:03"
"Total des objets analysés :";"0"
"Utilisateur ayant exécuté l'analyse :";"SYSTEM"

"Infections"
"Fichier";"Infection";"Résultat"
"D:\System Volume Information\_restore{B4F62F14-1DEC-4E66-83E8-9D48575F894F}\RP42\A0012630.exe";"Cheval de Troie : Downloader.Generic9.AMTP";"Placé en quarantaine"

ça fait que l'examen n'etait pas fini alors que tout a l'heure il c'est fini normalement ???
qu'est-ce que je fait je continu c'que tu ma dit ou faut faire autre chose de toute façon il est en quarantaine il ne peux pas causer de dégâts
Qu'est-ce que t'en penses?
il ma l'aire coriace ce p_ _ _ _ n de cheval de M _ _ _ E et j'arrive pas à le supprimer de la quarantaine^^ !
je continue où pas?
j'attend ton avis!

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 30 / 41

Utilisateur anonyme

re
quoi qu'il me marque supprimer et réparer je fait quoi alors
c'que tu ma dis de faire?
tu as lu la réponse que j't'ai poster au dessus avant? celle-ci ?
j'attend
dur dur^^!

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 31 / 41

Utilisateur anonyme

re
enfin tèrminé ouf!
bon pour le rapport tool cleanear , sans le vouloir je l'est éffacé mais t'inquiête pas ça disait ZHPDIAG trouvé!
combofix trouvé fin du scann j'ai même vider la corbeille les fichiers temp enfin ça c'est bien passer!maintenant il me reste plus qu'a te poster le rapport javara:
que voilà:
JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Feb 03 02:28:50 2010

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

------------------------------------

Finished reporting.
et j'te colle le rapport hidjackthis dans la prochaine réponse
a +

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 32 / 41

Utilisateur anonyme

re
voici le rapport trendmicro hidjackdhis:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 02:58:12, on 03/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVG\AVG9\avgchsvx.exe
D:\Program Files\AVG\AVG9\avgrsx.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\AVG\AVG9\avgwdsvc.exe
D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\snmp.exe
D:\Program Files\Registry Mechanic\RegMech.exe
D:\Program Files\AVG\AVG9\avgam.exe
D:\Program Files\AVG\AVG9\avgemc.exe
D:\Program Files\AVG\AVG9\avgnsx.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [RegistryMechanic] D:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKLM\..\Run: [Easy-PrintToolBox] D:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [UpdateManager] "D:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://ma-config.com/plugins/MaConfig_4_0_1_3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: offline-8876480 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - D:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - D:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - D:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - D:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - D:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - D:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - D:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - D:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Service SNMP (SNMP) - Unknown owner - D:\WINDOWS\System32\snmp.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - D:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - D:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - D:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - D:\Program Files\Windows Media Player\WMPNetwk.exe

Réponse 33 / 41

Utilisateur anonyme

rapport hidjackdhis
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 02:58:12, on 03/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVG\AVG9\avgchsvx.exe
D:\Program Files\AVG\AVG9\avgrsx.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\AVG\AVG9\avgwdsvc.exe
D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\snmp.exe
D:\Program Files\Registry Mechanic\RegMech.exe
D:\Program Files\AVG\AVG9\avgam.exe
D:\Program Files\AVG\AVG9\avgemc.exe
D:\Program Files\AVG\AVG9\avgnsx.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [RegistryMechanic] D:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKLM\..\Run: [Easy-PrintToolBox] D:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [UpdateManager] "D:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://ma-config.com/plugins/MaConfig_4_0_1_3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: offline-8876480 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - D:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - D:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - D:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - D:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - D:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - D:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - D:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - D:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Service SNMP (SNMP) - Unknown owner - D:\WINDOWS\System32\snmp.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - D:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - D:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - D:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - D:\Program Files\Windows Media Player\WMPNetwk.exe

je ne sais pas si tu as vu ce poste
ce poste et

avant de commencer
mais bon j'ai réussi à supprimer le 2 mais le=>1- Supprime ceci :
3- Supprime le logiciel Desktop Messenger (spyware)impossible de le trouver ???

End of file - 19688 bytes

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 34 / 41

Utilisateur anonyme

je te colle le dernier log de trend micro hijackdhis
j'ai fixer les lignes y'en avait que 2 à fixer
franchement t'as fait du beau boulot total respect le 1er rapport est poste 33
après avoir fixer les 2 lignes voici le rapport:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 03:37:07, on 03/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVG\AVG9\avgchsvx.exe
D:\Program Files\AVG\AVG9\avgrsx.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\AVG\AVG9\avgwdsvc.exe
D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\snmp.exe
D:\Program Files\Registry Mechanic\RegMech.exe
D:\Program Files\AVG\AVG9\avgam.exe
D:\Program Files\AVG\AVG9\avgemc.exe
D:\Program Files\AVG\AVG9\avgnsx.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Windows NT\Accessoires\wordpad.exe
D:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - D:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [RegistryMechanic] D:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKLM\..\Run: [Easy-PrintToolBox] D:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [UpdateManager] "D:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://ma-config.com/plugins/MaConfig_4_0_1_3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: offline-8876480 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - D:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - D:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - D:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - D:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - D:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - D:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - D:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - D:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Service SNMP (SNMP) - Unknown owner - D:\WINDOWS\System32\snmp.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - D:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - D:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - D:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - D:\Program Files\Windows Media Player\WMPNetwk.exe

End of file - 19521 bytes

en te remerciant fix200 , tu ma sauver mon pc il fonctionne comme sur des roulettes
total respect et mille merci l'ami
il est 4h10 du mat mais j'm'en fou tu ma résolu mon problème
encore merci à toi fix200

cordialement..
ps:à demain

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 35 / 41

fix200 Messages postés 3365 Statut Contributeur sécurité 158

Salut,

J'avais pas demandé de faire un scan AVG: je suis sûr et certain qu'il trouvra dans la restauration du système, donc pas de panique puisque j'ai demandé de la purger.

Ce qui concerne le logiciel, je parle de ça:
O18 - Protocol: bw+0 - {983F12DD-EBA7-4CF1-B45F-4521C37227B3} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

===============================

Désinstalle Registry Mechanic, CCleaner suffit.

===============================

~~> Fixer les lignes :

▶ Lance Hijackthis

▶ Choisis " Do a system scan only "

▶ Coche ces lignes sur leurs gauche : (et uniquement celles ci !!)

O4 - HKLM\..\Run: [RegistryMechanic] D:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://ma-config.com/plugins/MaConfig_4_0_1_3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

▶ Clique sur " FIX CHECKED " et valide au message d'avertissement.

▶ Redémarre ton PC .

› Tutoriel , Fixer les lignes avec Hijackthis

================================

Refais un coup CCleaner

=================================

► Nettoyage :

• Passe une fois tout les deux jours un coup de nettoyage avec ATF-Cleaner, puis CCleaner.

• Passe une fois tous les 15 jours une défragmentation.

► Logiciels de protection :

⇒ Antivirus:

• Je te conseille de désinstaller AVG proprement et opter pour Antivir
• Aide :
Tutoriel
Tutoriel de configuration en images
Tutoriel de configuration en video(MERCI NICO)
Comparatif Antivirus.
Enfin, c'est toi qui choisi, c'est une proposition ;)

⇒ Anti-spyware:

• Télécharge et Installe Spyware-blaster,qui est léger en ressources, met le a jour régulièrement,et active toutes les protections (« Enable all protection »).
• Télécharge et installe Spyware Guard et garde le sur ton PC.
• Garde Malwarebytes en complément.

⇒ Firewall:

• Désactive le firewall de windows , car il ne vaut rien :
Sous XP
Sous Vista

• Je te conseille si tu n'as pas , afin d'installer un pare-feu pour mieux sécuriser ton PC , voici quelque uns que je trouve très bien :

› Online Armor Personal Firewall (gratuit)
› Kerio
› PC Tools Firewall Plus (<= N'INSTALLE PAS SPYWARE DOCTOR !!!!)

› Tutoriel Online Armor
› Tutoriel Kerio
› Tutoriel PC Tools

⇒ Navigateur:

• Je te conseille vivement d’installer ces trois extensions de sécurité suivantes pour Firefox et surfer avec :
› WOT : pour se protéger des sites malveillants.
Tuto

› No Script
Tutoriel et test No Script

› Adblock Plus , Pour bloquer les pubs.
Tutoriel d'utilisation

► Surveillance :

• Fais un scan avec ton antivirus a chaque fin de semaine (mets le à jour avant de lancer le scan)

• Mets a jour régulièrement Malwarebytes', fais un scan rapide a chaque semaine.

• Mets a jour régulièrement Windows, vérifie que les mises a jours automatiques sont bien activés :
› Démarrer > Panneau de configuration
choisis l'icône Windows Update, coche la case Mise à jour automatique. Ainsi, Windows et les autres produits de Microsoft comme Internet Explorer, Windows Defender, Windows Media Player etc...

• Mets a jour régulièrement Java, adobe reader, comme expliqué

• Utilise régulièrement Update checker comme expliqué.

• Fais régulièrement une sauvegarde de donnés sur un support externe; ça peut être utile au cas où le système plante.

► Prévention:
Je t'invite à lire ces articles pour éviter une ré-infection au futur: [30 Minutes de lecture très instructive]

Sécuriser son ordinateur et connaitre les menaces (Merci Malekal)

Prévention & Protection sur internet (Grand merci aux auteurs de ce très bon PDF)

Voila, bonne lecture et une fois tous ceci fait et lu tu peux mettre le topic comme résolu.

Bon surf et soit plus vigilent(e) a l'avenir ! ;)

Cordialement Fix.

++

Réponse 36 / 41

Utilisateur anonyme

salut
hé l'ami je fait c'que tu m'dis de faire ce poste tu me dit bien de faire un scann avec mon anti-virus non ??? et mon anti virus est payant et je l'ai payer bien sur il comprend la protection résidente le pare feu l'anti spam les spywares, le bouclier web
AVG internet security , on en dit que du bien sur la version payante il scan même mes e mails il est au top sauf que la j'ai choper ce cheval de Troie avant d'avoir acheter AVG si tu relis bien tout le tuto et c'est quant j'ai fait le premier scann qu'il ma trouver ce cheval de M - - - E et j'te remercie mille fois pour tout ces lien je vais y prendre la plus grande attention ! en te remerciant encore pour tout fix200 je te souhaite une excellente journée

amicalement...

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 37 / 41

fix200 Messages postés 3365 Statut Contributeur sécurité 158

re,

Ok,

N'oublie surtout pas d'installer les logiciels sités (spyware guard, spyware blaster et un pare-feu)
Les suites de sécurité, sont pas vraiment efficaces contre les spywares, de même pour le parfeu inclus dans AVG.
Surtout: lis bien les liens de prévention.

Tu as des questions à poser, MP.

Bon surf ;)

Amicalement,
Fix

Réponse 38 / 41

Utilisateur anonyme

OK je suis tjrs tes conseils a la lettre mais si j'installe un autre par feu , ça ne risque pas de rentrer en conflit avec ma protection firewall?
sinon merci à toi et bon surf aussi
amicalement

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Réponse 39 / 41

fix200 Messages postés 3365 Statut Contributeur sécurité 158

Si, ça peut entrer en conflit: désactive le firewall de Windows et celui d'AVG et installe un parfeu des sités.

Réponse 40 / 41

Utilisateur anonyme

ok
ça roule
je mis met de suite
a+ fix200
bon surf
amicalement

________________________________________________________________________

A Vaincre Sans Péril , On Triomphe Sans Gloire....  I;-)(cocher résolu si votre problème est résolu)

Discussions similaires

prélèvements avec mon n°de carte

Beug sur pc portable

Iptv beug

Smart IPTV met un temps fou à charger depuis que je suis passé à la fibre

Bug de chaîne IPTV

Chev de troie et plein de beug !pe pa enlevé!

41 réponses

Votre réponse

Discussions similaires

Newsletters